Vulnerabilites related to mcafee - endpoint_security
CVE-2020-7322 (GCVE-0-2020-7322)
Vulnerability from cvelistv5
Published
2020-09-09 09:30
Modified
2024-09-16 21:57
Severity ?
EPSS score ?
Summary
Information Disclosure Vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local users to gain access to sensitive information via incorrectly logging of sensitive information in debug logs.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10327 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee LLC | Endpoint Security for Windows |
Version: 10.7.x < 10.7.0 September 2020 Update |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:25:48.949Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10327", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Endpoint Security for Windows", vendor: "McAfee LLC", versions: [ { lessThan: "10.7.0 September 2020 Update", status: "affected", version: "10.7.x", versionType: "custom", }, ], }, ], datePublic: "2020-09-08T00:00:00", descriptions: [ { lang: "en", value: "Information Disclosure Vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local users to gain access to sensitive information via incorrectly logging of sensitive information in debug logs.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-532", description: "CWE-532: Insertion of Sensitive Information into Log File", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-09-09T09:30:16", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10327", }, ], source: { discovery: "INTERNAL", }, title: "Exposure of Sensitive Information in ENS for Windows", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", DATE_PUBLIC: "2020-09-08T00:00:00.000Z", ID: "CVE-2020-7322", STATE: "PUBLIC", TITLE: "Exposure of Sensitive Information in ENS for Windows", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Endpoint Security for Windows", version: { version_data: [ { version_affected: "<", version_name: "10.7.x", version_value: "10.7.0 September 2020 Update", }, ], }, }, ], }, vendor_name: "McAfee LLC", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Information Disclosure Vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local users to gain access to sensitive information via incorrectly logging of sensitive information in debug logs.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-532: Insertion of Sensitive Information into Log File", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10327", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10327", }, ], }, source: { discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2020-7322", datePublished: "2020-09-09T09:30:16.088862Z", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-09-16T21:57:51.111Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-7251 (GCVE-0-2020-7251)
Vulnerability from cvelistv5
Published
2020-02-14 14:50
Modified
2024-08-04 09:25
Severity ?
EPSS score ?
Summary
Improper access control vulnerability in Configuration Tool in McAfee Mcafee Endpoint Security (ENS) Prior to 10.6.1 February 2020 Update allows local users to disable security features via unauthorised use of the configuration tool from older versions of ENS.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10299 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee, LLC | Mcafee Endpoint Security (ENS) |
Version: 10.6.x < 10.6.1 February 2020 update |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:25:48.459Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10299", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Mcafee Endpoint Security (ENS)", vendor: "McAfee, LLC", versions: [ { lessThan: "10.6.1 February 2020 update", status: "affected", version: "10.6.x", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Improper access control vulnerability in Configuration Tool in McAfee Mcafee Endpoint Security (ENS) Prior to 10.6.1 February 2020 Update allows local users to disable security features via unauthorised use of the configuration tool from older versions of ENS.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-358", description: "CWE-358 Improperly Implemented Security Check for Standard", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-02-14T14:50:14", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10299", }, ], source: { discovery: "INTERNAL", }, title: "ESConfig Tool able to edit configuration for newer version", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", ID: "CVE-2020-7251", STATE: "PUBLIC", TITLE: "ESConfig Tool able to edit configuration for newer version", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Mcafee Endpoint Security (ENS)", version: { version_data: [ { version_affected: "<", version_name: "10.6.x", version_value: "10.6.1 February 2020 update", }, ], }, }, ], }, vendor_name: "McAfee, LLC", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Improper access control vulnerability in Configuration Tool in McAfee Mcafee Endpoint Security (ENS) Prior to 10.6.1 February 2020 Update allows local users to disable security features via unauthorised use of the configuration tool from older versions of ENS.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-358 Improperly Implemented Security Check for Standard", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10299", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10299", }, ], }, source: { discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2020-7251", datePublished: "2020-02-14T14:50:14", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-08-04T09:25:48.459Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-23881 (GCVE-0-2021-23881)
Vulnerability from cvelistv5
Published
2021-02-10 10:30
Modified
2024-09-17 01:41
Severity ?
EPSS score ?
Summary
A stored cross site scripting vulnerability in ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 February 2021 Update allows an ENS ePO administrator to add a script to a policy event which will trigger the script to be run through a browser block page when a local non-administrator user triggers the policy.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10345 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee LLC | Endpoint Security (ENS) for Windows |
Version: 10.7.x < 10.7.0 February 2021 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T19:14:09.233Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10345", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Endpoint Security (ENS) for Windows", vendor: "McAfee LLC", versions: [ { lessThan: "10.7.0 February 2021", status: "affected", version: "10.7.x", versionType: "custom", }, ], }, ], datePublic: "2021-02-10T00:00:00", descriptions: [ { lang: "en", value: "A stored cross site scripting vulnerability in ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 February 2021 Update allows an ENS ePO administrator to add a script to a policy event which will trigger the script to be run through a browser block page when a local non-administrator user triggers the policy.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Cross-site Scripting (XSS)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-02-10T10:30:15", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10345", }, ], source: { discovery: "INTERNAL", }, title: "Stored Cross Site Scripting in ENS", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", DATE_PUBLIC: "2021-02-10T00:00:00.000Z", ID: "CVE-2021-23881", STATE: "PUBLIC", TITLE: "Stored Cross Site Scripting in ENS", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Endpoint Security (ENS) for Windows", version: { version_data: [ { version_affected: "<", version_name: "10.7.x", version_value: "10.7.0 February 2021", }, ], }, }, ], }, vendor_name: "McAfee LLC", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A stored cross site scripting vulnerability in ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 February 2021 Update allows an ENS ePO administrator to add a script to a policy event which will trigger the script to be run through a browser block page when a local non-administrator user triggers the policy.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-79 Cross-site Scripting (XSS)", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10345", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10345", }, ], }, source: { discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2021-23881", datePublished: "2021-02-10T10:30:15.368578Z", dateReserved: "2021-01-12T00:00:00", dateUpdated: "2024-09-17T01:41:33.007Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-7274 (GCVE-0-2020-7274)
Vulnerability from cvelistv5
Published
2020-04-15 11:30
Modified
2024-09-16 17:04
Severity ?
EPSS score ?
Summary
Privilege escalation vulnerability in McTray.exe in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges (by default it runs with the current user's privileges).
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10309 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee LLC | McAfee Endpoint Security (ENS) |
Version: 10.x < 10.7.0 April 2020 Update |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:25:48.432Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "McAfee Endpoint Security (ENS)", vendor: "McAfee LLC", versions: [ { lessThan: "10.7.0 April 2020 Update", status: "affected", version: "10.x", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "McAfee credits Lockheed Martin Red Team for reporting this flaw", }, ], datePublic: "2020-04-14T00:00:00", descriptions: [ { lang: "en", value: "Privilege escalation vulnerability in McTray.exe in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges (by default it runs with the current user's privileges).", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-269", description: "CWE-269 Improper Privilege Management", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-04-15T11:30:17", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], source: { discovery: "EXTERNAL", }, title: "ENS elevated permissions vulnerability", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", DATE_PUBLIC: "2020-04-14T00:00:00.000Z", ID: "CVE-2020-7274", STATE: "PUBLIC", TITLE: "ENS elevated permissions vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "McAfee Endpoint Security (ENS)", version: { version_data: [ { version_affected: "<", version_name: "10.x", version_value: "10.7.0 April 2020 Update", }, ], }, }, ], }, vendor_name: "McAfee LLC", }, ], }, }, credit: [ { lang: "eng", value: "McAfee credits Lockheed Martin Red Team for reporting this flaw", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Privilege escalation vulnerability in McTray.exe in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges (by default it runs with the current user's privileges).", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-269 Improper Privilege Management", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], }, source: { discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2020-7274", datePublished: "2020-04-15T11:30:17.645916Z", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-09-16T17:04:10.166Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-31842 (GCVE-0-2021-31842)
Vulnerability from cvelistv5
Published
2021-09-17 13:35
Modified
2024-08-03 23:10
Severity ?
EPSS score ?
Summary
XML Entity Expansion injection vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2021 Update allows a local user to initiate high CPU and memory consumption resulting in a Denial of Service attack through carefully editing the EPDeploy.xml file and then executing the setup process.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10367 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee,LLC | McAfee Endpoint Security (ENS) for WIndows |
Version: unspecified < 10.7.0 September 2021 Update |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T23:10:30.765Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10367", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "McAfee Endpoint Security (ENS) for WIndows", vendor: "McAfee,LLC", versions: [ { lessThan: "10.7.0 September 2021 Update", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "XML Entity Expansion injection vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2021 Update allows a local user to initiate high CPU and memory consumption resulting in a Denial of Service attack through carefully editing the EPDeploy.xml file and then executing the setup process.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-776", description: "CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-09-17T13:35:12", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10367", }, ], source: { discovery: "UNKNOWN", }, x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", ID: "CVE-2021-31842", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "McAfee Endpoint Security (ENS) for WIndows", version: { version_data: [ { version_affected: "<", version_value: "10.7.0 September 2021 Update", }, ], }, }, ], }, vendor_name: "McAfee,LLC", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "XML Entity Expansion injection vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2021 Update allows a local user to initiate high CPU and memory consumption resulting in a Denial of Service attack through carefully editing the EPDeploy.xml file and then executing the setup process.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10367", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10367", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2021-31842", datePublished: "2021-09-17T13:35:12", dateReserved: "2021-04-27T00:00:00", dateUpdated: "2024-08-03T23:10:30.765Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2019-3653 (GCVE-0-2019-3653)
Vulnerability from cvelistv5
Published
2019-10-09 14:21
Modified
2024-08-04 19:12
Severity ?
EPSS score ?
Summary
Improper access control vulnerability in Configuration tool in McAfee Endpoint Security (ENS) Prior to 10.6.1 October 2019 Update allows local user to gain access to security configuration via unauthorized use of the configuration tool.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10299 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee, LLC | McAfee Endpoint Security (ENS) |
Version: 10.6.x < 10.6.1 Version: 10.5.x < 10.5.5 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:12:09.671Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10299", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "McAfee Endpoint Security (ENS)", vendor: "McAfee, LLC", versions: [ { lessThan: "10.6.1", status: "affected", version: "10.6.x", versionType: "custom", }, { lessThan: "10.5.5", status: "affected", version: "10.5.x", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Improper access control vulnerability in Configuration tool in McAfee Endpoint Security (ENS) Prior to 10.6.1 October 2019 Update allows local user to gain access to security configuration via unauthorized use of the configuration tool.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "CWE-284 Improper Access Control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-10-09T14:21:45", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10299", }, ], source: { discovery: "EXTERNAL", }, title: "ESConfig Tool access not controlled", x_generator: { engine: "Vulnogram 0.0.8", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", ID: "CVE-2019-3653", STATE: "PUBLIC", TITLE: "ESConfig Tool access not controlled", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "McAfee Endpoint Security (ENS)", version: { version_data: [ { version_affected: "<", version_name: "10.6.x", version_value: "10.6.1", }, { version_affected: "<", version_name: "10.5.x", version_value: "10.5.5", }, ], }, }, ], }, vendor_name: "McAfee, LLC", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Improper access control vulnerability in Configuration tool in McAfee Endpoint Security (ENS) Prior to 10.6.1 October 2019 Update allows local user to gain access to security configuration via unauthorized use of the configuration tool.", }, ], }, generator: { engine: "Vulnogram 0.0.8", }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-284 Improper Access Control", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10299", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10299", }, ], }, source: { discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2019-3653", datePublished: "2019-10-09T14:21:45", dateReserved: "2019-01-03T00:00:00", dateUpdated: "2024-08-04T19:12:09.671Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-3984 (GCVE-0-2016-3984)
Vulnerability from cvelistv5
Published
2016-04-08 15:00
Modified
2024-08-06 00:10
Severity ?
EPSS score ?
Summary
The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Device Control (MDC) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Endpoint Security (ENS) 10.x before 10.1, Host Intrusion Prevention Service (IPS) 8.0 before 8.0.0.3624, and VirusScan Enterprise (VSE) 8.8 before P7 (8.8.0.1528) on Windows allows local administrators to bypass intended self-protection rules and disable the antivirus engine by modifying registry keys.
References
| ▼ | URL | Tags |
|---|---|---|
| http://seclists.org/fulldisclosure/2016/Mar/13 | mailing-list, x_refsource_FULLDISC | |
| http://lab.mediaservice.net/advisory/2016-01-mcafee.txt | x_refsource_MISC | |
| https://www.exploit-db.com/exploits/39531/ | exploit, x_refsource_EXPLOIT-DB | |
| http://www.securitytracker.com/id/1035130 | vdb-entry, x_refsource_SECTRACK | |
| https://kc.mcafee.com/corporate/index?page=content&id=SB10151 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T00:10:31.951Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20160304 McAfee VirusScan Enterprise security restrictions bypass", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2016/Mar/13", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://lab.mediaservice.net/advisory/2016-01-mcafee.txt", }, { name: "39531", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/39531/", }, { name: "1035130", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1035130", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10151", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-02-29T00:00:00", descriptions: [ { lang: "en", value: "The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Device Control (MDC) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Endpoint Security (ENS) 10.x before 10.1, Host Intrusion Prevention Service (IPS) 8.0 before 8.0.0.3624, and VirusScan Enterprise (VSE) 8.8 before P7 (8.8.0.1528) on Windows allows local administrators to bypass intended self-protection rules and disable the antivirus engine by modifying registry keys.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-04-14T13:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "20160304 McAfee VirusScan Enterprise security restrictions bypass", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2016/Mar/13", }, { tags: [ "x_refsource_MISC", ], url: "http://lab.mediaservice.net/advisory/2016-01-mcafee.txt", }, { name: "39531", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/39531/", }, { name: "1035130", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1035130", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10151", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2016-3984", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Device Control (MDC) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Endpoint Security (ENS) 10.x before 10.1, Host Intrusion Prevention Service (IPS) 8.0 before 8.0.0.3624, and VirusScan Enterprise (VSE) 8.8 before P7 (8.8.0.1528) on Windows allows local administrators to bypass intended self-protection rules and disable the antivirus engine by modifying registry keys.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "20160304 McAfee VirusScan Enterprise security restrictions bypass", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2016/Mar/13", }, { name: "http://lab.mediaservice.net/advisory/2016-01-mcafee.txt", refsource: "MISC", url: "http://lab.mediaservice.net/advisory/2016-01-mcafee.txt", }, { name: "39531", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/39531/", }, { name: "1035130", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1035130", }, { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10151", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10151", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2016-3984", datePublished: "2016-04-08T15:00:00", dateReserved: "2016-04-08T00:00:00", dateUpdated: "2024-08-06T00:10:31.951Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-7276 (GCVE-0-2020-7276)
Vulnerability from cvelistv5
Published
2020-04-15 11:20
Modified
2024-09-17 01:01
Severity ?
EPSS score ?
Summary
Authentication bypass vulnerability in MfeUpgradeTool in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 April 2020 Update allows administrator users to access policy settings via running this tool.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10309 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee LLC | McAfee Endpoint Security (ENS) |
Version: 10.x < 10.7.0 April 2020 Update |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:25:48.636Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "McAfee Endpoint Security (ENS)", vendor: "McAfee LLC", versions: [ { lessThan: "10.7.0 April 2020 Update", status: "affected", version: "10.x", versionType: "custom", }, ], }, ], datePublic: "2020-04-14T00:00:00", descriptions: [ { lang: "en", value: "Authentication bypass vulnerability in MfeUpgradeTool in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 April 2020 Update allows administrator users to access policy settings via running this tool.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-287", description: "CWE-287 Improper Authentication", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-04-15T11:20:13", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], source: { discovery: "INTERNAL", }, title: "Unrestricted Policy Management using MfeUpgradeTool.exe", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", DATE_PUBLIC: "2020-04-14T00:00:00.000Z", ID: "CVE-2020-7276", STATE: "PUBLIC", TITLE: "Unrestricted Policy Management using MfeUpgradeTool.exe", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "McAfee Endpoint Security (ENS)", version: { version_data: [ { version_affected: "<", version_name: "10.x", version_value: "10.7.0 April 2020 Update", }, ], }, }, ], }, vendor_name: "McAfee LLC", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Authentication bypass vulnerability in MfeUpgradeTool in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 April 2020 Update allows administrator users to access policy settings via running this tool.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-287 Improper Authentication", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], }, source: { discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2020-7276", datePublished: "2020-04-15T11:20:13.263849Z", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-09-17T01:01:18.516Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-31843 (GCVE-0-2021-31843)
Vulnerability from cvelistv5
Published
2021-09-17 13:40
Modified
2024-08-03 23:10
Severity ?
EPSS score ?
Summary
Improper privileges management vulnerability in McAfee Endpoint Security (ENS) Windows prior to 10.7.0 September 2021 Update allows local users to access files which they would otherwise not have access to via manipulating junction links to redirect McAfee folder operations to an unintended location.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10367 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee,LLC | McAfee Endpoint Security (ENS) for WIndows |
Version: unspecified < 10.7.0 September 2021 Update |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T23:10:30.554Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10367", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "McAfee Endpoint Security (ENS) for WIndows", vendor: "McAfee,LLC", versions: [ { lessThan: "10.7.0 September 2021 Update", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<p>Improper privileges management vulnerability in McAfee Endpoint Security (ENS) Windows prior to 10.7.0 September 2021 Update allows local users to access files which they would otherwise not have access to via manipulating junction links to redirect McAfee folder operations to an unintended location.</p>", }, ], value: "Improper privileges management vulnerability in McAfee Endpoint Security (ENS) Windows prior to 10.7.0 September 2021 Update allows local users to access files which they would otherwise not have access to via manipulating junction links to redirect McAfee folder operations to an unintended location.\n\n", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-59", description: "CWE-59: Improper Link Resolution Before File Access ('Link Following')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-20T08:40:35.457Z", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10367", }, ], source: { discovery: "UNKNOWN", }, title: "Improper access control vulnerability in McAfee ENS for Windows", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", ID: "CVE-2021-31843", STATE: "PUBLIC", TITLE: "Improper access control vulnerability in McAfee ENS for Windows", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "McAfee Endpoint Security (ENS) for WIndows", version: { version_data: [ { version_affected: "<", version_value: "10.7.0 September 2021 Update", }, ], }, }, ], }, vendor_name: "McAfee,LLC", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Improper privileges management vulnerability in McAfee Endpoint Security (ENS) Windows prior to 10.7.0 September 2021 Update allows local users to access files which they would otherwise not have access to via manipulating junction links to redirect McAfee folder operations to an unintended location.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-269: Improper Privileges Management", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10367", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10367", }, ], }, source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2021-31843", datePublished: "2021-09-17T13:40:12", dateReserved: "2021-04-27T00:00:00", dateUpdated: "2024-08-03T23:10:30.554Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2016-8010 (GCVE-0-2016-8010)
Vulnerability from cvelistv5
Published
2017-03-14 22:00
Modified
2024-08-06 02:13
Severity ?
EPSS score ?
Summary
Application protections bypass vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and earlier and Endpoint Security (ENS) 10.2 and earlier allows local users to bypass local security protection via a command-line utility.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/94661 | vdb-entry, x_refsource_BID | |
| https://kc.mcafee.com/corporate/index?page=content&id=SB10179 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel | McAfee Application Control (MAC) |
Version: 7.0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T02:13:21.791Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "94661", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/94661", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10179", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "McAfee Application Control (MAC)", vendor: "Intel", versions: [ { status: "affected", version: "7.0", }, ], }, ], datePublic: "2016-11-29T00:00:00", descriptions: [ { lang: "en", value: "Application protections bypass vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and earlier and Endpoint Security (ENS) 10.2 and earlier allows local users to bypass local security protection via a command-line utility.", }, ], problemTypes: [ { descriptions: [ { description: "Application protections bypass vulnerability", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-03-15T13:57:01", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { name: "94661", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/94661", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10179", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2016-8010", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "McAfee Application Control (MAC)", version: { version_data: [ { version_value: "7.0", }, ], }, }, ], }, vendor_name: "Intel", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Application protections bypass vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and earlier and Endpoint Security (ENS) 10.2 and earlier allows local users to bypass local security protection via a command-line utility.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Application protections bypass vulnerability", }, ], }, ], }, references: { reference_data: [ { name: "94661", refsource: "BID", url: "http://www.securityfocus.com/bid/94661", }, { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10179", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10179", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2016-8010", datePublished: "2017-03-14T22:00:00", dateReserved: "2016-09-09T00:00:00", dateUpdated: "2024-08-06T02:13:21.791Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-7308 (GCVE-0-2020-7308)
Vulnerability from cvelistv5
Published
2021-04-15 07:40
Modified
2024-08-04 09:25
Severity ?
EPSS score ?
Summary
Cleartext Transmission of Sensitive Information between McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update and McAfee Global Threat Intelligence (GTI) servers using DNS allows a remote attacker to view the requests from ENS and responses from GTI over DNS. By gaining control of an intermediate DNS server or altering the network DNS configuration, it is possible for an attacker to intercept requests and send their own responses.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10354 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee,LLC | McAfee Endpoint Security (ENS) for WIndows |
Version: unspecified < 10.7.0 February 2021 Update |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:25:49.044Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10354", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "McAfee Endpoint Security (ENS) for WIndows", vendor: "McAfee,LLC", versions: [ { lessThan: "10.7.0 February 2021 Update", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Cleartext Transmission of Sensitive Information between McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update and McAfee Global Threat Intelligence (GTI) servers using DNS allows a remote attacker to view the requests from ENS and responses from GTI over DNS. By gaining control of an intermediate DNS server or altering the network DNS configuration, it is possible for an attacker to intercept requests and send their own responses.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-319", description: "CWE-319: Cleartext Transmission of Sensitive Information ", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-04-15T07:40:19", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10354", }, ], source: { discovery: "EXTERNAL", }, title: "Transmission of data in clear text by McAfee ENS", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", ID: "CVE-2020-7308", STATE: "PUBLIC", TITLE: "Transmission of data in clear text by McAfee ENS", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "McAfee Endpoint Security (ENS) for WIndows", version: { version_data: [ { version_affected: "<", version_value: "10.7.0 February 2021 Update", }, ], }, }, ], }, vendor_name: "McAfee,LLC", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Cleartext Transmission of Sensitive Information between McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update and McAfee Global Threat Intelligence (GTI) servers using DNS allows a remote attacker to view the requests from ENS and responses from GTI over DNS. By gaining control of an intermediate DNS server or altering the network DNS configuration, it is possible for an attacker to intercept requests and send their own responses.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-319: Cleartext Transmission of Sensitive Information ", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10354", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10354", }, ], }, source: { discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2020-7308", datePublished: "2021-04-15T07:40:19", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-08-04T09:25:49.044Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-7263 (GCVE-0-2020-7263)
Vulnerability from cvelistv5
Published
2020-04-01 06:40
Modified
2024-09-16 23:05
Severity ?
EPSS score ?
Summary
Improper access control vulnerability in ESconfigTool.exe in McAfee Endpoint Security (ENS) for Windows all current versions allows local administrator to alter ENS configuration up to and including disabling all protection offered by ENS via insecurely implemented encryption of configuration for export and import.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10314 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee, LLC | Endpoint Security (ENS) for Window |
Version: 10.7.x < Version: 10.6.x < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:25:48.799Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10314", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Endpoint Security (ENS) for Window", vendor: "McAfee, LLC", versions: [ { lessThanOrEqual: "ENS 10.7.0 July 2020 Update", status: "affected", version: "10.7.x", versionType: "custom", }, { lessThanOrEqual: "ENS 10.6.1 July 2020 Update", status: "affected", version: "10.6.x", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "McAfee credits Donny Maasland from Fox-IT for reporting this flaw.", }, ], datePublic: "2020-06-21T00:00:00", descriptions: [ { lang: "en", value: "Improper access control vulnerability in ESconfigTool.exe in McAfee Endpoint Security (ENS) for Windows all current versions allows local administrator to alter ENS configuration up to and including disabling all protection offered by ENS via insecurely implemented encryption of configuration for export and import.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-264", description: "CWE-264 Permissions, Privileges, and Access Controls", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-22T16:50:15", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10314", }, ], source: { discovery: "EXTERNAL", }, title: "ENS configuration can be edited by attacker with local administrator permissions", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", DATE_PUBLIC: "2020-06-21T00:00:00.000Z", ID: "CVE-2020-7263", STATE: "PUBLIC", TITLE: "ENS configuration can be edited by attacker with local administrator permissions", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Endpoint Security (ENS) for Window", version: { version_data: [ { version_affected: "<=", version_name: "10.7.x", version_value: "ENS 10.7.0 July 2020 Update", }, { version_affected: "<=", version_name: "10.6.x", version_value: "ENS 10.6.1 July 2020 Update", }, ], }, }, ], }, vendor_name: "McAfee, LLC", }, ], }, }, credit: [ { lang: "eng", value: "McAfee credits Donny Maasland from Fox-IT for reporting this flaw.", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Improper access control vulnerability in ESconfigTool.exe in McAfee Endpoint Security (ENS) for Windows all current versions allows local administrator to alter ENS configuration up to and including disabling all protection offered by ENS via insecurely implemented encryption of configuration for export and import.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-264 Permissions, Privileges, and Access Controls", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10314", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10314", }, ], }, source: { discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2020-7263", datePublished: "2020-04-01T06:40:13.222326Z", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-09-16T23:05:21.599Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-7275 (GCVE-0-2020-7275)
Vulnerability from cvelistv5
Published
2020-04-15 11:30
Modified
2024-09-17 00:05
Severity ?
EPSS score ?
Summary
Accessing, modifying or executing executable files vulnerability in the uninstaller in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to execute arbitrary code via a carefully crafted input file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10309 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee LLC | McAfee Endpoint Security (ENS) |
Version: 10.x < 10.7.0 April 2020 Update |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:25:48.886Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "McAfee Endpoint Security (ENS)", vendor: "McAfee LLC", versions: [ { lessThan: "10.7.0 April 2020 Update", status: "affected", version: "10.x", versionType: "custom", }, ], }, ], datePublic: "2020-04-14T00:00:00", descriptions: [ { lang: "en", value: "Accessing, modifying or executing executable files vulnerability in the uninstaller in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to execute arbitrary code via a carefully crafted input file.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-428", description: "CWE-428 Unquoted Search Path or Element", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-04-15T11:30:23", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], source: { discovery: "INTERNAL", }, title: "Unquoted service paths for some McAfee ENS files", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", DATE_PUBLIC: "2020-04-14T00:00:00.000Z", ID: "CVE-2020-7275", STATE: "PUBLIC", TITLE: "Unquoted service paths for some McAfee ENS files", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "McAfee Endpoint Security (ENS)", version: { version_data: [ { version_affected: "<", version_name: "10.x", version_value: "10.7.0 April 2020 Update", }, ], }, }, ], }, vendor_name: "McAfee LLC", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Accessing, modifying or executing executable files vulnerability in the uninstaller in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to execute arbitrary code via a carefully crafted input file.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-428 Unquoted Search Path or Element", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], }, source: { discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2020-7275", datePublished: "2020-04-15T11:30:23.536584Z", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-09-17T00:05:29.685Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-7255 (GCVE-0-2020-7255)
Vulnerability from cvelistv5
Published
2020-04-15 12:45
Modified
2024-09-16 22:01
Severity ?
EPSS score ?
Summary
Privilege escalation vulnerability in the administrative user interface in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to gain elevated privileges via ENS not checking user permissions when editing configuration in the ENS client interface. Administrators can lock the ENS client interface through ePO to prevent users being able to edit the configuration.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10309 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee LLC | McAfee Endpoint Security (ENS) |
Version: 10.x < 10.7.0 April 2020 Update |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:25:48.605Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "McAfee Endpoint Security (ENS)", vendor: "McAfee LLC", versions: [ { lessThan: "10.7.0 April 2020 Update", status: "affected", version: "10.x", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "McAfee credits Lockheed Martin Red Team for reporting this flaw", }, ], datePublic: "2020-04-14T00:00:00", descriptions: [ { lang: "en", value: "Privilege escalation vulnerability in the administrative user interface in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to gain elevated privileges via ENS not checking user permissions when editing configuration in the ENS client interface. Administrators can lock the ENS client interface through ePO to prevent users being able to edit the configuration.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.9, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-264", description: "CWE-264 Permissions, Privileges, and Access Controls", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-04-15T12:45:20", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], source: { discovery: "EXTERNAL", }, title: "Privilege Escalation vulnerability in ENS", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", DATE_PUBLIC: "2020-04-14T00:00:00.000Z", ID: "CVE-2020-7255", STATE: "PUBLIC", TITLE: "Privilege Escalation vulnerability in ENS", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "McAfee Endpoint Security (ENS)", version: { version_data: [ { version_affected: "<", version_name: "10.x", version_value: "10.7.0 April 2020 Update", }, ], }, }, ], }, vendor_name: "McAfee LLC", }, ], }, }, credit: [ { lang: "eng", value: "McAfee credits Lockheed Martin Red Team for reporting this flaw", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Privilege escalation vulnerability in the administrative user interface in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to gain elevated privileges via ENS not checking user permissions when editing configuration in the ENS client interface. Administrators can lock the ENS client interface through ePO to prevent users being able to edit the configuration.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.9, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-264 Permissions, Privileges, and Access Controls", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], }, source: { discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2020-7255", datePublished: "2020-04-15T12:45:20.103026Z", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-09-16T22:01:36.891Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-7319 (GCVE-0-2020-7319)
Vulnerability from cvelistv5
Published
2020-09-09 09:15
Modified
2024-09-16 19:04
Severity ?
EPSS score ?
Summary
Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local users to access files which the user otherwise would not have access to via manipulating symbolic links to redirect McAfee file operations to an unintended file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10327 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee LLC | Endpoint Security for Windows |
Version: 10.7.x < 10.7.0 September 2020 Update |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:25:49.098Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10327", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Endpoint Security for Windows", vendor: "McAfee LLC", versions: [ { lessThan: "10.7.0 September 2020 Update", status: "affected", version: "10.7.x", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "McAfee credits Jakub Palaczynski (ING Tech Poland) for responsibly reporting this flaw.", }, ], datePublic: "2020-09-08T00:00:00", descriptions: [ { lang: "en", value: "Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local users to access files which the user otherwise would not have access to via manipulating symbolic links to redirect McAfee file operations to an unintended file.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-59", description: "CWE-59: Improper Link Resolution Before File Access ('Link Following')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-09-09T09:15:20", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10327", }, ], source: { discovery: "EXTERNAL", }, title: "Improper Access Control Vulnerability in ENS for Windows", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", DATE_PUBLIC: "2020-09-08T00:00:00.000Z", ID: "CVE-2020-7319", STATE: "PUBLIC", TITLE: "Improper Access Control Vulnerability in ENS for Windows", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Endpoint Security for Windows", version: { version_data: [ { version_affected: "<", version_name: "10.7.x", version_value: "10.7.0 September 2020 Update", }, ], }, }, ], }, vendor_name: "McAfee LLC", }, ], }, }, credit: [ { lang: "eng", value: "McAfee credits Jakub Palaczynski (ING Tech Poland) for responsibly reporting this flaw.", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local users to access files which the user otherwise would not have access to via manipulating symbolic links to redirect McAfee file operations to an unintended file.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-59: Improper Link Resolution Before File Access ('Link Following')", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10327", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10327", }, ], }, source: { discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2020-7319", datePublished: "2020-09-09T09:15:20.238710Z", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-09-16T19:04:56.998Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-7331 (GCVE-0-2020-7331)
Vulnerability from cvelistv5
Published
2020-11-12 09:40
Modified
2024-09-16 18:18
Severity ?
EPSS score ?
Summary
Unquoted service executable path in McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows local users to cause a denial of service and malicious file execution via carefully crafted and named executable files.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10335 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee, LLC | McAfee Endpoint Security (ENS) |
Version: prior to 10.7.0 November 2020 Update |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:25:49.015Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10335", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "McAfee Endpoint Security (ENS)", vendor: "McAfee, LLC", versions: [ { status: "affected", version: "prior to 10.7.0 November 2020 Update", }, ], }, ], credits: [ { lang: "en", value: "McAfee credits Lockheed Martin Red Team for responsibly reporting this flaw.", }, ], datePublic: "2020-11-10T00:00:00", descriptions: [ { lang: "en", value: "Unquoted service executable path in McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows local users to cause a denial of service and malicious file execution via carefully crafted and named executable files.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-428", description: "CWE-428 Unquoted Search Path or Element", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-11-12T09:40:13", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10335", }, ], source: { discovery: "EXTERNAL", }, title: "Unquoted service executable path in McAfee Endpoint Security (ENS)", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", DATE_PUBLIC: "2020-11-10T00:00:00.000Z", ID: "CVE-2020-7331", STATE: "PUBLIC", TITLE: "Unquoted service executable path in McAfee Endpoint Security (ENS)", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "McAfee Endpoint Security (ENS)", version: { version_data: [ { version_value: "prior to 10.7.0 November 2020 Update", }, ], }, }, ], }, vendor_name: "McAfee, LLC", }, ], }, }, credit: [ { lang: "eng", value: "McAfee credits Lockheed Martin Red Team for responsibly reporting this flaw.", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Unquoted service executable path in McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows local users to cause a denial of service and malicious file execution via carefully crafted and named executable files.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-428 Unquoted Search Path or Element", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10335", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10335", }, ], }, source: { discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2020-7331", datePublished: "2020-11-12T09:40:13.442009Z", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-09-16T18:18:41.482Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-7265 (GCVE-0-2020-7265)
Vulnerability from cvelistv5
Published
2020-05-08 11:50
Modified
2024-09-16 20:42
Severity ?
EPSS score ?
Summary
Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Mac prior to 10.6.9 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10316 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee,LLC | McAfee Endpoint Security (ENS) for Mac |
Version: 10.6.x < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:25:48.917Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10316", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "McAfee Endpoint Security (ENS) for Mac", vendor: "McAfee,LLC", versions: [ { lessThanOrEqual: "10.6.9", status: "affected", version: "10.6.x", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Rack911 Labs discovered this vulnerability.", }, ], datePublic: "2020-05-07T00:00:00", descriptions: [ { lang: "en", value: "Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Mac prior to 10.6.9 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-274", description: "CWE-274 Improper Handling of Insufficient Privileges", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-05-08T11:50:14", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10316", }, ], source: { discovery: "EXTERNAL", }, title: "Privilege Escalation vulnerability through symbolic links in ENSM", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", DATE_PUBLIC: "2020-05-07T00:00:00.000Z", ID: "CVE-2020-7265", STATE: "PUBLIC", TITLE: "Privilege Escalation vulnerability through symbolic links in ENSM", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "McAfee Endpoint Security (ENS) for Mac", version: { version_data: [ { version_affected: "<=", version_name: "10.6.x", version_value: "10.6.9", }, ], }, }, ], }, vendor_name: "McAfee,LLC", }, ], }, }, credit: [ { lang: "eng", value: "Rack911 Labs discovered this vulnerability.", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Mac prior to 10.6.9 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-274 Improper Handling of Insufficient Privileges", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10316", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10316", }, ], }, source: { discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2020-7265", datePublished: "2020-05-08T11:50:14.514170Z", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-09-16T20:42:09.215Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-7320 (GCVE-0-2020-7320)
Vulnerability from cvelistv5
Published
2020-09-09 09:15
Modified
2024-09-16 19:09
Severity ?
EPSS score ?
Summary
Protection Mechanism Failure vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local administrator to temporarily reduce the detection capability allowing otherwise detected malware to run via stopping certain Microsoft services.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10327 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee LLC | Endpoint Security for Windows |
Version: 10.7.x < 10.7.0 September 2020 Update |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:25:48.971Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10327", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Endpoint Security for Windows", vendor: "McAfee LLC", versions: [ { lessThan: "10.7.0 September 2020 Update", status: "affected", version: "10.7.x", versionType: "custom", }, ], }, ], datePublic: "2020-09-08T00:00:00", descriptions: [ { lang: "en", value: "Protection Mechanism Failure vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local administrator to temporarily reduce the detection capability allowing otherwise detected malware to run via stopping certain Microsoft services.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-693", description: "CWE-693 Protection Mechanism Failure", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-09-09T09:15:14", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10327", }, ], source: { discovery: "INTERNAL", }, title: "Protection Mechanism Failure in ENS for Windows", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", DATE_PUBLIC: "2020-09-08T00:00:00.000Z", ID: "CVE-2020-7320", STATE: "PUBLIC", TITLE: "Protection Mechanism Failure in ENS for Windows", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Endpoint Security for Windows", version: { version_data: [ { version_affected: "<", version_name: "10.7.x", version_value: "10.7.0 September 2020 Update", }, ], }, }, ], }, vendor_name: "McAfee LLC", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Protection Mechanism Failure vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local administrator to temporarily reduce the detection capability allowing otherwise detected malware to run via stopping certain Microsoft services.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-693 Protection Mechanism Failure", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10327", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10327", }, ], }, source: { discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2020-7320", datePublished: "2020-09-09T09:15:14.912039Z", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-09-16T19:09:55.110Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-7278 (GCVE-0-2020-7278)
Vulnerability from cvelistv5
Published
2020-04-15 09:25
Modified
2024-09-16 20:16
Severity ?
EPSS score ?
Summary
Exploiting incorrectly configured access control security levels vulnerability in ENS Firewall in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 April 2020 and 10.6.1 April 2020 updates allows remote attackers and local users to allow or block unauthorized traffic via pre-existing rules not being handled correctly when updating to the February 2020 updates.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10309 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee LLC | McAfee Endpoint Security (ENS) |
Version: 10.7.x < 10.7.0 April 2020 Update Version: 10.6.x < 10.6.1 April 2020 Update |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:25:48.499Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "McAfee Endpoint Security (ENS)", vendor: "McAfee LLC", versions: [ { lessThan: "10.7.0 April 2020 Update", status: "affected", version: "10.7.x", versionType: "custom", }, { lessThan: "10.6.1 April 2020 Update", status: "affected", version: "10.6.x", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "McAfee credits EZ for reporting this flaw", }, ], datePublic: "2020-04-14T00:00:00", descriptions: [ { lang: "en", value: "Exploiting incorrectly configured access control security levels vulnerability in ENS Firewall in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 April 2020 and 10.6.1 April 2020 updates allows remote attackers and local users to allow or block unauthorized traffic via pre-existing rules not being handled correctly when updating to the February 2020 updates.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "CWE-284 Improper Access Control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-04-15T09:25:13", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], source: { discovery: "EXTERNAL", }, title: "McAfee firewall rules not enforced correctly", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", DATE_PUBLIC: "2020-04-14T00:00:00.000Z", ID: "CVE-2020-7278", STATE: "PUBLIC", TITLE: "McAfee firewall rules not enforced correctly", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "McAfee Endpoint Security (ENS)", version: { version_data: [ { version_affected: "<", version_name: "10.7.x", version_value: "10.7.0 April 2020 Update", }, { version_affected: "<", version_name: "10.6.x", version_value: "10.6.1 April 2020 Update", }, ], }, }, ], }, vendor_name: "McAfee LLC", }, ], }, }, credit: [ { lang: "eng", value: "McAfee credits EZ for reporting this flaw", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Exploiting incorrectly configured access control security levels vulnerability in ENS Firewall in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 April 2020 and 10.6.1 April 2020 updates allows remote attackers and local users to allow or block unauthorized traffic via pre-existing rules not being handled correctly when updating to the February 2020 updates.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-284 Improper Access Control", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], }, source: { discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2020-7278", datePublished: "2020-04-15T09:25:13.767287Z", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-09-16T20:16:22.772Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-7333 (GCVE-0-2020-7333)
Vulnerability from cvelistv5
Published
2020-11-12 09:50
Modified
2024-09-16 19:45
Severity ?
EPSS score ?
Summary
Cross site scripting vulnerability in the firewall ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows administrators to inject arbitrary web script or HTML via the configuration wizard.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10335 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Mcafee, LLC | Endpoint Security for Windows |
Version: 10.7.x < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:25:49.147Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10335", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Endpoint Security for Windows", vendor: "Mcafee, LLC", versions: [ { lessThanOrEqual: "10.7.0 September 2020 Update", status: "affected", version: "10.7.x", versionType: "custom", }, ], }, ], datePublic: "2020-11-11T00:00:00", descriptions: [ { lang: "en", value: "Cross site scripting vulnerability in the firewall ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows administrators to inject arbitrary web script or HTML via the configuration wizard.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Cross-site Scripting (XSS)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-11-12T09:50:14", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10335", }, ], source: { discovery: "INTERNAL", }, title: "Cross-site Scripting (XSS) in firewall ePO extension of McAfee Endpoint Security (ENS)", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", DATE_PUBLIC: "2020-11-11T00:00:00.000Z", ID: "CVE-2020-7333", STATE: "PUBLIC", TITLE: "Cross-site Scripting (XSS) in firewall ePO extension of McAfee Endpoint Security (ENS)", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Endpoint Security for Windows", version: { version_data: [ { version_affected: "<=", version_name: "10.7.x", version_value: "10.7.0 September 2020 Update", }, ], }, }, ], }, vendor_name: "Mcafee, LLC", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Cross site scripting vulnerability in the firewall ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows administrators to inject arbitrary web script or HTML via the configuration wizard.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-79 Cross-site Scripting (XSS)", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10335", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10335", }, ], }, source: { discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2020-7333", datePublished: "2020-11-12T09:50:14.822195Z", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-09-16T19:45:59.328Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2017-4028 (GCVE-0-2017-4028)
Vulnerability from cvelistv5
Published
2018-04-03 22:00
Modified
2024-09-17 01:25
Severity ?
EPSS score ?
Summary
Maliciously misconfigured registry vulnerability in all Microsoft Windows products in McAfee consumer and corporate products allows an administrator to inject arbitrary code into a debugged McAfee process via manipulation of registry parameters.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10193 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/97958 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | McAfee | McAfee Anti-Virus Plus (AVP) |
Version: 170329 < 29 Mar 2017 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T14:39:41.295Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10193", }, { name: "97958", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/97958", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "McAfee Anti-Virus Plus (AVP)", vendor: "McAfee", versions: [ { lessThan: "29 Mar 2017", status: "affected", version: "170329", versionType: "custom", }, ], }, { product: "McAfee Endpoint Security (ENS)", vendor: "McAfee", versions: [ { lessThan: "10.2 DAT V3 DAT 2932.0", status: "affected", version: "10.2", versionType: "custom", }, ], }, { product: "McAfee Host Intrusion Prevention (Host IPS)", vendor: "McAfee", versions: [ { lessThan: "8.0 Patch 9 Hotfix 1188590", status: "affected", version: "8.0", versionType: "custom", }, ], }, { product: "McAfee Internet Security (MIS)", vendor: "McAfee", versions: [ { lessThan: "29 Mar 2017", status: "affected", version: "170329", versionType: "custom", }, ], }, { product: "McAfee Total Protection (MTP)", vendor: "McAfee", versions: [ { lessThan: "29 Mar 2017", status: "affected", version: "170329", versionType: "custom", }, ], }, { product: "McAfee Virus Scan Enterprise (VSE)", vendor: "McAfee", versions: [ { lessThan: "8.8 Patch 8/9 Hotfix 1187884", status: "affected", version: "8.8", versionType: "custom", }, ], }, ], datePublic: "2017-05-12T00:00:00", descriptions: [ { lang: "en", value: "Maliciously misconfigured registry vulnerability in all Microsoft Windows products in McAfee consumer and corporate products allows an administrator to inject arbitrary code into a debugged McAfee process via manipulation of registry parameters.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:N/I:H/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "Maliciously misconfigured registry vulnerability", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-04-04T09:57:01", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10193", }, { name: "97958", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/97958", }, ], source: { advisory: "SB10193", discovery: "EXTERNAL", }, title: "SB10193 - consumer and corporate products - Maliciously misconfigured registry vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", DATE_PUBLIC: "2017-05-12T17:00:00.000Z", ID: "CVE-2017-4028", STATE: "PUBLIC", TITLE: "SB10193 - consumer and corporate products - Maliciously misconfigured registry vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "McAfee Anti-Virus Plus (AVP)", version: { version_data: [ { affected: "<", version_affected: "<", version_name: "170329", version_value: "29 Mar 2017", }, ], }, }, { product_name: "McAfee Endpoint Security (ENS)", version: { version_data: [ { affected: "<", version_affected: "<", version_name: "10.2", version_value: "10.2 DAT V3 DAT 2932.0", }, ], }, }, { product_name: "McAfee Host Intrusion Prevention (Host IPS)", version: { version_data: [ { affected: "<", version_affected: "<", version_name: "8.0", version_value: "8.0 Patch 9 Hotfix 1188590", }, ], }, }, { product_name: "McAfee Internet Security (MIS)", version: { version_data: [ { affected: "<", version_affected: "<", version_name: "170329", version_value: "29 Mar 2017", }, ], }, }, { product_name: "McAfee Total Protection (MTP)", version: { version_data: [ { affected: "<", version_affected: "<", version_name: "170329", version_value: "29 Mar 2017", }, ], }, }, { product_name: "McAfee Virus Scan Enterprise (VSE)", version: { version_data: [ { affected: "<", version_affected: "<", version_name: "8.8", version_value: "8.8 Patch 8/9 Hotfix 1187884", }, ], }, }, ], }, vendor_name: "McAfee", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Maliciously misconfigured registry vulnerability in all Microsoft Windows products in McAfee consumer and corporate products allows an administrator to inject arbitrary code into a debugged McAfee process via manipulation of registry parameters.", }, ], }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:N/I:H/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Maliciously misconfigured registry vulnerability", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10193", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10193", }, { name: "97958", refsource: "BID", url: "http://www.securityfocus.com/bid/97958", }, ], }, source: { advisory: "SB10193", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2017-4028", datePublished: "2018-04-03T22:00:00Z", dateReserved: "2016-12-26T00:00:00", dateUpdated: "2024-09-17T01:25:40.091Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-7257 (GCVE-0-2020-7257)
Vulnerability from cvelistv5
Published
2020-04-15 12:00
Modified
2024-09-16 20:38
Severity ?
EPSS score ?
Summary
Privilege escalation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links whilst an anti-virus scan was in progress. This is timing dependent.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10309 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee LLC | McAfee Endpoint Security (ENS) |
Version: 10.x < 10.7.0 April 2020 Update |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:25:48.988Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "McAfee Endpoint Security (ENS)", vendor: "McAfee LLC", versions: [ { lessThan: "10.7.0 April 2020 Update", status: "affected", version: "10.x", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "McAfee credits Jakub Palaczynski (ING Tech Poland) for reporting this flaw", }, ], datePublic: "2020-04-14T00:00:00", descriptions: [ { lang: "en", value: "Privilege escalation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links whilst an anti-virus scan was in progress. This is timing dependent.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-264", description: "CWE-264 Permissions, Privileges, and Access Controls", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-04-15T12:00:19", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], source: { discovery: "EXTERNAL", }, title: "Privilege Escalation vulnerability through Symbolic links in ENS", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", DATE_PUBLIC: "2020-04-14T00:00:00.000Z", ID: "CVE-2020-7257", STATE: "PUBLIC", TITLE: "Privilege Escalation vulnerability through Symbolic links in ENS", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "McAfee Endpoint Security (ENS)", version: { version_data: [ { version_affected: "<", version_name: "10.x", version_value: "10.7.0 April 2020 Update", }, ], }, }, ], }, vendor_name: "McAfee LLC", }, ], }, }, credit: [ { lang: "eng", value: "McAfee credits Jakub Palaczynski (ING Tech Poland) for reporting this flaw", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Privilege escalation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links whilst an anti-virus scan was in progress. This is timing dependent.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-264 Permissions, Privileges, and Access Controls", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], }, source: { discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2020-7257", datePublished: "2020-04-15T12:00:19.206812Z", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-09-16T20:38:08.253Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2019-3586 (GCVE-0-2019-3586)
Vulnerability from cvelistv5
Published
2019-05-15 15:48
Modified
2024-08-04 19:12
Severity ?
EPSS score ?
Summary
Protection Mechanism Failure in the Firewall in McAfee Endpoint Security (ENS) 10.x prior to 10.6.1 May 2019 update allows context-dependent attackers to circumvent ENS protection where GTI flagged IP addresses are not blocked by the ENS Firewall via specially crafted malicious sites where the GTI reputation is carefully manipulated and does not correctly trigger the ENS Firewall to block the connection.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10280 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/108416 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee, LLC | McAfee Endpoint Security (ENS) |
Version: 10.x < 10.6.1 May 2019 update |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:12:09.414Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10280", }, { name: "108416", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/108416", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "McAfee Endpoint Security (ENS)", vendor: "McAfee, LLC", versions: [ { lessThan: "10.6.1 May 2019 update", status: "affected", version: "10.x", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Protection Mechanism Failure in the Firewall in McAfee Endpoint Security (ENS) 10.x prior to 10.6.1 May 2019 update allows context-dependent attackers to circumvent ENS protection where GTI flagged IP addresses are not blocked by the ENS Firewall via specially crafted malicious sites where the GTI reputation is carefully manipulated and does not correctly trigger the ENS Firewall to block the connection.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-693", description: "CWE-693 Protection Mechanism Failure", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-22T11:06:04", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10280", }, { name: "108416", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/108416", }, ], source: { discovery: "EXTERNAL", }, title: "McAfee Endpoint Security firewall not always acting on GTI lookup results", x_generator: { engine: "Vulnogram 0.0.6", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", ID: "CVE-2019-3586", STATE: "PUBLIC", TITLE: "McAfee Endpoint Security firewall not always acting on GTI lookup results", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "McAfee Endpoint Security (ENS)", version: { version_data: [ { version_affected: "<", version_name: "10.x", version_value: "10.6.1 May 2019 update", }, ], }, }, ], }, vendor_name: "McAfee, LLC", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Protection Mechanism Failure in the Firewall in McAfee Endpoint Security (ENS) 10.x prior to 10.6.1 May 2019 update allows context-dependent attackers to circumvent ENS protection where GTI flagged IP addresses are not blocked by the ENS Firewall via specially crafted malicious sites where the GTI reputation is carefully manipulated and does not correctly trigger the ENS Firewall to block the connection.", }, ], }, generator: { engine: "Vulnogram 0.0.6", }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-693 Protection Mechanism Failure", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10280", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10280", }, { name: "108416", refsource: "BID", url: "http://www.securityfocus.com/bid/108416", }, ], }, source: { discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2019-3586", datePublished: "2019-05-15T15:48:10", dateReserved: "2019-01-03T00:00:00", dateUpdated: "2024-08-04T19:12:09.414Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-7250 (GCVE-0-2020-7250)
Vulnerability from cvelistv5
Published
2020-04-15 12:45
Modified
2024-09-16 17:18
Severity ?
EPSS score ?
Summary
Symbolic link manipulation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows authenticated local user to potentially gain an escalation of privileges by pointing the link to files which the user which not normally have permission to alter via carefully creating symbolic links from the ENS log file directory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10309 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee LLC | McAfee Endpoint Security (ENS) |
Version: 10.x < 10.7.0 April 2020 Update |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:25:48.498Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "McAfee Endpoint Security (ENS)", vendor: "McAfee LLC", versions: [ { lessThan: "10.7.0 April 2020 Update", status: "affected", version: "10.x", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "McAfee credits Jakub Palaczynski (ING Tech Poland) and Eran Shimony (CyberArk) for independently reporting this flaw", }, ], datePublic: "2020-04-14T00:00:00", descriptions: [ { lang: "en", value: "Symbolic link manipulation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows authenticated local user to potentially gain an escalation of privileges by pointing the link to files which the user which not normally have permission to alter via carefully creating symbolic links from the ENS log file directory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-59", description: "CWE-59 Improper Link Resolution Before File Access ('Link Following')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-04-15T12:45:14", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], source: { discovery: "EXTERNAL", }, title: "ENS symbolic link log file manipulation vulnerability", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", DATE_PUBLIC: "2020-04-14T00:00:00.000Z", ID: "CVE-2020-7250", STATE: "PUBLIC", TITLE: "ENS symbolic link log file manipulation vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "McAfee Endpoint Security (ENS)", version: { version_data: [ { version_affected: "<", version_name: "10.x", version_value: "10.7.0 April 2020 Update", }, ], }, }, ], }, vendor_name: "McAfee LLC", }, ], }, }, credit: [ { lang: "eng", value: "McAfee credits Jakub Palaczynski (ING Tech Poland) and Eran Shimony (CyberArk) for independently reporting this flaw", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Symbolic link manipulation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows authenticated local user to potentially gain an escalation of privileges by pointing the link to files which the user which not normally have permission to alter via carefully creating symbolic links from the ENS log file directory.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-59 Improper Link Resolution Before File Access ('Link Following')", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], }, source: { discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2020-7250", datePublished: "2020-04-15T12:45:14.302136Z", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-09-16T17:18:05.249Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-7323 (GCVE-0-2020-7323)
Vulnerability from cvelistv5
Published
2020-09-09 09:35
Modified
2024-09-17 01:26
Severity ?
EPSS score ?
Summary
Authentication Protection Bypass vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows physical local users to bypass the Windows lock screen via triggering certain detection events while the computer screen is locked and the McTray.exe is running with elevated privileges. This issue is timing dependent and requires physical access to the machine.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10327 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee LLC | Endpoint Security for Windows |
Version: 10.7.x < 10.7.0 September 2020 Update |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:25:48.981Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10327", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Endpoint Security for Windows", vendor: "McAfee LLC", versions: [ { lessThan: "10.7.0 September 2020 Update", status: "affected", version: "10.7.x", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "McAfee credits Lockheed Martin Red Team for responsibly reporting this flaw.", }, ], datePublic: "2020-09-08T00:00:00", descriptions: [ { lang: "en", value: "Authentication Protection Bypass vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows physical local users to bypass the Windows lock screen via triggering certain detection events while the computer screen is locked and the McTray.exe is running with elevated privileges. This issue is timing dependent and requires physical access to the machine.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "PHYSICAL", availabilityImpact: "LOW", baseScore: 6.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-287", description: "CWE-287: Improper Authentication", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-09-09T09:35:14", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10327", }, ], source: { discovery: "EXTERNAL", }, title: "Authentication Protection Bypass vulnerability in ENS for Windows", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", DATE_PUBLIC: "2020-09-08T00:00:00.000Z", ID: "CVE-2020-7323", STATE: "PUBLIC", TITLE: "Authentication Protection Bypass vulnerability in ENS for Windows", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Endpoint Security for Windows", version: { version_data: [ { version_affected: "<", version_name: "10.7.x", version_value: "10.7.0 September 2020 Update", }, ], }, }, ], }, vendor_name: "McAfee LLC", }, ], }, }, credit: [ { lang: "eng", value: "McAfee credits Lockheed Martin Red Team for responsibly reporting this flaw.", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Authentication Protection Bypass vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows physical local users to bypass the Windows lock screen via triggering certain detection events while the computer screen is locked and the McTray.exe is running with elevated privileges. This issue is timing dependent and requires physical access to the machine.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "PHYSICAL", availabilityImpact: "LOW", baseScore: 6.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-287: Improper Authentication", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10327", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10327", }, ], }, source: { discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2020-7323", datePublished: "2020-09-09T09:35:14.968200Z", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-09-17T01:26:01.081Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-7264 (GCVE-0-2020-7264)
Vulnerability from cvelistv5
Published
2020-05-08 11:45
Modified
2024-09-17 02:57
Severity ?
EPSS score ?
Summary
Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 Hotfix 199847 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10316 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee,LLC | McAfee Endpoint Security (ENS) for Windows |
Version: 10.7.x < 10.7.0 Hotfix 199847 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:25:48.690Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10316", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "McAfee Endpoint Security (ENS) for Windows", vendor: "McAfee,LLC", versions: [ { lessThan: "10.7.0 Hotfix 199847", status: "affected", version: "10.7.x", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Rack911 Labs discovered this vulnerability.", }, ], datePublic: "2020-05-07T00:00:00", descriptions: [ { lang: "en", value: "Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 Hotfix 199847 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-274", description: "CWE-274 Improper Handling of Insufficient Privileges", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-05-08T11:45:13", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10316", }, ], source: { discovery: "EXTERNAL", }, title: "Privilege Escalation vulnerability through symbolic links in ENS for Windows", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", DATE_PUBLIC: "2020-05-07T00:00:00.000Z", ID: "CVE-2020-7264", STATE: "PUBLIC", TITLE: "Privilege Escalation vulnerability through symbolic links in ENS for Windows", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "McAfee Endpoint Security (ENS) for Windows", version: { version_data: [ { version_affected: "<", version_name: "10.7.x", version_value: "10.7.0 Hotfix 199847", }, ], }, }, ], }, vendor_name: "McAfee,LLC", }, ], }, }, credit: [ { lang: "eng", value: "Rack911 Labs discovered this vulnerability.", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 Hotfix 199847 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-274 Improper Handling of Insufficient Privileges", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10316", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10316", }, ], }, source: { discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2020-7264", datePublished: "2020-05-08T11:45:14.046242Z", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-09-17T02:57:21.298Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-23878 (GCVE-0-2021-23878)
Vulnerability from cvelistv5
Published
2021-02-10 09:10
Modified
2024-09-16 19:41
Severity ?
EPSS score ?
Summary
Clear text storage of sensitive Information in memory vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows a local user to view ENS settings and credentials via accessing process memory after the ENS administrator has performed specific actions. To exploit this, the local user has to access the relevant memory location immediately after an ENS administrator has made a configuration change through the console on their machine
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10345 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee LLC | Endpoint Security (ENS) for Windows |
Version: 10.7.x < 10.7.0 February 2021 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T19:14:09.386Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10345", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Endpoint Security (ENS) for Windows", vendor: "McAfee LLC", versions: [ { lessThan: "10.7.0 February 2021", status: "affected", version: "10.7.x", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Lockheed Martin Red Team", }, ], datePublic: "2021-02-10T00:00:00", descriptions: [ { lang: "en", value: "Clear text storage of sensitive Information in memory vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows a local user to view ENS settings and credentials via accessing process memory after the ENS administrator has performed specific actions. To exploit this, the local user has to access the relevant memory location immediately after an ENS administrator has made a configuration change through the console on their machine", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-312", description: "CWE-312: Cleartext storage of sensitive information", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-02-10T09:10:14", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10345", }, ], source: { discovery: "EXTERNAL", }, title: "Clear text storage of sensitive Information in ENS", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", DATE_PUBLIC: "2021-02-10T00:00:00.000Z", ID: "CVE-2021-23878", STATE: "PUBLIC", TITLE: "Clear text storage of sensitive Information in ENS", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Endpoint Security (ENS) for Windows", version: { version_data: [ { version_affected: "<", version_name: "10.7.x", version_value: "10.7.0 February 2021", }, ], }, }, ], }, vendor_name: "McAfee LLC", }, ], }, }, credit: [ { lang: "eng", value: "Lockheed Martin Red Team", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Clear text storage of sensitive Information in memory vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows a local user to view ENS settings and credentials via accessing process memory after the ENS administrator has performed specific actions. To exploit this, the local user has to access the relevant memory location immediately after an ENS administrator has made a configuration change through the console on their machine", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-312: Cleartext storage of sensitive information", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10345", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10345", }, ], }, source: { discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2021-23878", datePublished: "2021-02-10T09:10:14.580381Z", dateReserved: "2021-01-12T00:00:00", dateUpdated: "2024-09-16T19:41:11.060Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-7273 (GCVE-0-2020-7273)
Vulnerability from cvelistv5
Published
2020-04-15 11:35
Modified
2024-09-16 16:32
Severity ?
EPSS score ?
Summary
Accessing functionality not properly constrained by ACLs vulnerability in the autorun start-up protection in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to delete or rename programs in the autorun key via manipulation of some parameters.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10309 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee LLC | McAfee Endpoint Security (ENS) |
Version: 10.x < 10.7.0 April 2020 Update |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:25:48.957Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "McAfee Endpoint Security (ENS)", vendor: "McAfee LLC", versions: [ { lessThan: "10.7.0 April 2020 Update", status: "affected", version: "10.x", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "McAfee credits Dávid Müller for reporting this flaw", }, ], datePublic: "2020-04-14T00:00:00", descriptions: [ { lang: "en", value: "Accessing functionality not properly constrained by ACLs vulnerability in the autorun start-up protection in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to delete or rename programs in the autorun key via manipulation of some parameters.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-269", description: "CWE-269 Improper Privilege Management", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-04-15T11:35:14", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], source: { discovery: "EXTERNAL", }, title: "Autorun registry bypass", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", DATE_PUBLIC: "2020-04-14T00:00:00.000Z", ID: "CVE-2020-7273", STATE: "PUBLIC", TITLE: "Autorun registry bypass", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "McAfee Endpoint Security (ENS)", version: { version_data: [ { version_affected: "<", version_name: "10.x", version_value: "10.7.0 April 2020 Update", }, ], }, }, ], }, vendor_name: "McAfee LLC", }, ], }, }, credit: [ { lang: "eng", value: "McAfee credits Dávid Müller for reporting this flaw", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Accessing functionality not properly constrained by ACLs vulnerability in the autorun start-up protection in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to delete or rename programs in the autorun key via manipulation of some parameters.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-269 Improper Privilege Management", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], }, source: { discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2020-7273", datePublished: "2020-04-15T11:35:14.363986Z", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-09-16T16:32:41.543Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-7261 (GCVE-0-2020-7261)
Vulnerability from cvelistv5
Published
2020-04-15 11:50
Modified
2024-09-16 20:16
Severity ?
EPSS score ?
Summary
Buffer Overflow via Environment Variables vulnerability in AMSI component in McAfee Endpoint Security (ENS) Prior to 10.7.0 February 2020 Update allows local users to disable Endpoint Security via a carefully crafted user input.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10309 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee LLC | McAfee Endpoint Security (ENS) |
Version: 10.x < 10.7.0 April 2020 Update |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:25:48.522Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "McAfee Endpoint Security (ENS)", vendor: "McAfee LLC", versions: [ { lessThan: "10.7.0 April 2020 Update", status: "affected", version: "10.x", versionType: "custom", }, ], }, ], datePublic: "2020-04-14T00:00:00", descriptions: [ { lang: "en", value: "Buffer Overflow via Environment Variables vulnerability in AMSI component in McAfee Endpoint Security (ENS) Prior to 10.7.0 February 2020 Update allows local users to disable Endpoint Security via a carefully crafted user input.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-04-15T11:50:13", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], source: { discovery: "INTERNAL", }, title: "Buffer overwrite in ENS allowed to bypass AMSI protection", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", DATE_PUBLIC: "2020-04-14T00:00:00.000Z", ID: "CVE-2020-7261", STATE: "PUBLIC", TITLE: "Buffer overwrite in ENS allowed to bypass AMSI protection", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "McAfee Endpoint Security (ENS)", version: { version_data: [ { version_affected: "<", version_name: "10.x", version_value: "10.7.0 April 2020 Update", }, ], }, }, ], }, vendor_name: "McAfee LLC", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Buffer Overflow via Environment Variables vulnerability in AMSI component in McAfee Endpoint Security (ENS) Prior to 10.7.0 February 2020 Update allows local users to disable Endpoint Security via a carefully crafted user input.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], }, source: { discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2020-7261", datePublished: "2020-04-15T11:50:13.347804Z", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-09-16T20:16:33.734Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-23880 (GCVE-0-2021-23880)
Vulnerability from cvelistv5
Published
2021-02-10 09:15
Modified
2024-09-16 22:45
Severity ?
EPSS score ?
Summary
Improper Access Control in attribute in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows authenticated local administrator user to perform an uninstallation of the anti-malware engine via the running of a specific command with the correct parameters.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10345 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee LLC | Endpoint Security (ENS) for Windows |
Version: 10.7.x < 10.7.0 February 2021 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T19:14:09.256Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10345", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Endpoint Security (ENS) for Windows", vendor: "McAfee LLC", versions: [ { lessThan: "10.7.0 February 2021", status: "affected", version: "10.7.x", versionType: "custom", }, ], }, ], datePublic: "2021-02-10T00:00:00", descriptions: [ { lang: "en", value: "Improper Access Control in attribute in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows authenticated local administrator user to perform an uninstallation of the anti-malware engine via the running of a specific command with the correct parameters.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-269", description: "CWE-269 Improper Privilege Management", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-02-10T09:15:17", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10345", }, ], source: { discovery: "INTERNAL", }, title: "Improper Access Control in the ENS installer", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", DATE_PUBLIC: "2021-02-10T00:00:00.000Z", ID: "CVE-2021-23880", STATE: "PUBLIC", TITLE: "Improper Access Control in the ENS installer", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Endpoint Security (ENS) for Windows", version: { version_data: [ { version_affected: "<", version_name: "10.7.x", version_value: "10.7.0 February 2021", }, ], }, }, ], }, vendor_name: "McAfee LLC", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Improper Access Control in attribute in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows authenticated local administrator user to perform an uninstallation of the anti-malware engine via the running of a specific command with the correct parameters.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-269 Improper Privilege Management", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10345", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10345", }, ], }, source: { discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2021-23880", datePublished: "2021-02-10T09:15:17.543955Z", dateReserved: "2021-01-12T00:00:00", dateUpdated: "2024-09-16T22:45:07.753Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2019-3652 (GCVE-0-2019-3652)
Vulnerability from cvelistv5
Published
2019-10-09 14:21
Modified
2024-08-04 19:12
Severity ?
EPSS score ?
Summary
Code Injection vulnerability in EPSetup.exe in McAfee Endpoint Security (ENS) Prior to 10.6.1 October 2019 Update allows local user to get their malicious code installed by the ENS installer via code injection into EPSetup.exe by an attacker with access to the installer.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10299 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee, LLC | McAfee Endpoint Security (ENS) |
Version: 10.6.x < 10.6.1 Version: 10.5.x < 10.5.5 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:12:09.719Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10299", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "McAfee Endpoint Security (ENS)", vendor: "McAfee, LLC", versions: [ { lessThan: "10.6.1", status: "affected", version: "10.6.x", versionType: "custom", }, { lessThan: "10.5.5", status: "affected", version: "10.5.x", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Code Injection vulnerability in EPSetup.exe in McAfee Endpoint Security (ENS) Prior to 10.6.1 October 2019 Update allows local user to get their malicious code installed by the ENS installer via code injection into EPSetup.exe by an attacker with access to the installer.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-94", description: "CWE-94 Improper Control of Generation of Code ('Code Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-10-09T14:21:13", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10299", }, ], source: { discovery: "EXTERNAL", }, title: "ENS code injection in EPSetup.exe", x_generator: { engine: "Vulnogram 0.0.8", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", ID: "CVE-2019-3652", STATE: "PUBLIC", TITLE: "ENS code injection in EPSetup.exe", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "McAfee Endpoint Security (ENS)", version: { version_data: [ { version_affected: "<", version_name: "10.6.x", version_value: "10.6.1", }, { version_affected: "<", version_name: "10.5.x", version_value: "10.5.5", }, ], }, }, ], }, vendor_name: "McAfee, LLC", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Code Injection vulnerability in EPSetup.exe in McAfee Endpoint Security (ENS) Prior to 10.6.1 October 2019 Update allows local user to get their malicious code installed by the ENS installer via code injection into EPSetup.exe by an attacker with access to the installer.", }, ], }, generator: { engine: "Vulnogram 0.0.8", }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-94 Improper Control of Generation of Code ('Code Injection')", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10299", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10299", }, ], }, source: { discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2019-3652", datePublished: "2019-10-09T14:21:13", dateReserved: "2019-01-03T00:00:00", dateUpdated: "2024-08-04T19:12:09.719Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-23882 (GCVE-0-2021-23882)
Vulnerability from cvelistv5
Published
2021-02-10 09:20
Modified
2024-09-16 20:57
Severity ?
EPSS score ?
Summary
Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows local administrators to prevent the installation of some ENS files by placing carefully crafted files where ENS will be installed. This is only applicable to clean installations of ENS as the Access Control rules will prevent modification prior to up an upgrade.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10345 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee LLC | Endpoint Security (ENS) for Windows |
Version: 10.7.x < 10.7.0 February 2021 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T19:14:09.221Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10345", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Endpoint Security (ENS) for Windows", vendor: "McAfee LLC", versions: [ { lessThan: "10.7.0 February 2021", status: "affected", version: "10.7.x", versionType: "custom", }, ], }, ], datePublic: "2021-02-10T00:00:00", descriptions: [ { lang: "en", value: "Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows local administrators to prevent the installation of some ENS files by placing carefully crafted files where ENS will be installed. This is only applicable to clean installations of ENS as the Access Control rules will prevent modification prior to up an upgrade.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-269", description: "CWE-269 Improper Privilege Management", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-02-10T09:20:14", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10345", }, ], source: { discovery: "INTERNAL", }, title: "Improper Access Control in the ENS installer", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", DATE_PUBLIC: "2021-02-10T00:00:00.000Z", ID: "CVE-2021-23882", STATE: "PUBLIC", TITLE: "Improper Access Control in the ENS installer", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Endpoint Security (ENS) for Windows", version: { version_data: [ { version_affected: "<", version_name: "10.7.x", version_value: "10.7.0 February 2021", }, ], }, }, ], }, vendor_name: "McAfee LLC", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows local administrators to prevent the installation of some ENS files by placing carefully crafted files where ENS will be installed. This is only applicable to clean installations of ENS as the Access Control rules will prevent modification prior to up an upgrade.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-269 Improper Privilege Management", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10345", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10345", }, ], }, source: { discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2021-23882", datePublished: "2021-02-10T09:20:14.574684Z", dateReserved: "2021-01-12T00:00:00", dateUpdated: "2024-09-16T20:57:39.626Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2021-23883 (GCVE-0-2021-23883)
Vulnerability from cvelistv5
Published
2021-02-10 09:25
Modified
2024-09-17 01:41
Severity ?
EPSS score ?
Summary
A Null Pointer Dereference vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows a local administrator to cause Windows to crash via a specific system call which is not handled correctly. This varies by machine and had partial protection prior to this update.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10345 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee LLC | Endpoint Security (ENS) for Windows |
Version: 10.7.x < 10.7.0 February 2021 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T19:14:09.379Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10345", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Endpoint Security (ENS) for Windows", vendor: "McAfee LLC", versions: [ { lessThan: "10.7.0 February 2021", status: "affected", version: "10.7.x", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Alain Rödel from cirosec GmbH", }, ], datePublic: "2021-02-10T00:00:00", descriptions: [ { lang: "en", value: "A Null Pointer Dereference vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows a local administrator to cause Windows to crash via a specific system call which is not handled correctly. This varies by machine and had partial protection prior to this update.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476 NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-02-10T09:25:13", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10345", }, ], source: { discovery: "INTERNAL", }, title: "Null Pointer Dereference vulnerability in McAfee Endpoint Security (ENS)", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", DATE_PUBLIC: "2021-02-10T00:00:00.000Z", ID: "CVE-2021-23883", STATE: "PUBLIC", TITLE: "Null Pointer Dereference vulnerability in McAfee Endpoint Security (ENS)", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Endpoint Security (ENS) for Windows", version: { version_data: [ { version_affected: "<", version_name: "10.7.x", version_value: "10.7.0 February 2021", }, ], }, }, ], }, vendor_name: "McAfee LLC", }, ], }, }, credit: [ { lang: "eng", value: "Alain Rödel from cirosec GmbH", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A Null Pointer Dereference vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows a local administrator to cause Windows to crash via a specific system call which is not handled correctly. This varies by machine and had partial protection prior to this update.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-476 NULL Pointer Dereference", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10345", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10345", }, ], }, source: { discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2021-23883", datePublished: "2021-02-10T09:25:13.493250Z", dateReserved: "2021-01-12T00:00:00", dateUpdated: "2024-09-17T01:41:53.554Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2019-3582 (GCVE-0-2019-3582)
Vulnerability from cvelistv5
Published
2019-02-28 16:00
Modified
2024-08-04 19:12
Severity ?
EPSS score ?
Summary
Privilege Escalation vulnerability in Microsoft Windows client in McAfee Endpoint Security (ENS) 10.6.1 and earlier allows local users to gain elevated privileges via a specific set of circumstances.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10254 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee, LLC | McAfee Endpoint Security (ENS) |
Version: 10.5.3 < 10.5.3 Hotfix 1240838 Version: 10.5.4 < 10.5.4 Hotfix 1240838 Version: 10.5.5 < 10.5.5 Nov 2018 update Version: 10.6.1 < 10.6.1 Nov 2018 update |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:12:09.374Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10254", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "McAfee Endpoint Security (ENS)", vendor: "McAfee, LLC", versions: [ { lessThan: "10.5.3 Hotfix 1240838", status: "affected", version: "10.5.3", versionType: "custom", }, { lessThan: "10.5.4 Hotfix 1240838", status: "affected", version: "10.5.4", versionType: "custom", }, { lessThan: "10.5.5 Nov 2018 update", status: "affected", version: "10.5.5", versionType: "custom", }, { lessThan: "10.6.1 Nov 2018 update", status: "affected", version: "10.6.1", versionType: "custom", }, ], }, ], datePublic: "2019-02-28T00:00:00", descriptions: [ { lang: "en", value: "Privilege Escalation vulnerability in Microsoft Windows client in McAfee Endpoint Security (ENS) 10.6.1 and earlier allows local users to gain elevated privileges via a specific set of circumstances.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "Privilege Escalation vulnerability", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-02-28T15:57:01", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10254", }, ], source: { discovery: "EXTERNAL", }, title: "McAfee Endpoint Security updates fix a privilege escalation vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", ID: "CVE-2019-3582", STATE: "PUBLIC", TITLE: "McAfee Endpoint Security updates fix a privilege escalation vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "McAfee Endpoint Security (ENS)", version: { version_data: [ { affected: "<", version_affected: "<", version_name: "10.5.3", version_value: "10.5.3 Hotfix 1240838", }, { affected: "<", version_affected: "<", version_name: "10.5.4", version_value: "10.5.4 Hotfix 1240838", }, { affected: "<", version_affected: "<", version_name: "10.5.5", version_value: "10.5.5 Nov 2018 update", }, { affected: "<", version_affected: "<", version_name: "10.6.1", version_value: "10.6.1 Nov 2018 update", }, ], }, }, ], }, vendor_name: "McAfee, LLC", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Privilege Escalation vulnerability in Microsoft Windows client in McAfee Endpoint Security (ENS) 10.6.1 and earlier allows local users to gain elevated privileges via a specific set of circumstances.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Privilege Escalation vulnerability", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10254", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10254", }, ], }, source: { discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2019-3582", datePublished: "2019-02-28T16:00:00", dateReserved: "2019-01-03T00:00:00", dateUpdated: "2024-08-04T19:12:09.374Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-7259 (GCVE-0-2020-7259)
Vulnerability from cvelistv5
Published
2020-04-15 11:55
Modified
2024-09-17 00:31
Severity ?
EPSS score ?
Summary
Exploitation of Privilege/Trust vulnerability in file in McAfee Endpoint Security (ENS) Prior to 10.7.0 February 2020 Update allows local users to bypass local security protection via a carefully crafted input file
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10309 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee LLC | McAfee Endpoint Security (ENS) |
Version: 10.x < 10.7.0 April 2020 Update |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:25:48.575Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "McAfee Endpoint Security (ENS)", vendor: "McAfee LLC", versions: [ { lessThan: "10.7.0 April 2020 Update", status: "affected", version: "10.x", versionType: "custom", }, ], }, ], datePublic: "2020-04-14T00:00:00", descriptions: [ { lang: "en", value: "Exploitation of Privilege/Trust vulnerability in file in McAfee Endpoint Security (ENS) Prior to 10.7.0 February 2020 Update allows local users to bypass local security protection via a carefully crafted input file", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-264", description: "CWE-264 Permissions, Privileges, and Access Controls", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-04-15T11:55:13", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], source: { discovery: "INTERNAL", }, title: "Unsigned executable vulnerability in ENS can be used to bypass intended self-protection rules", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", DATE_PUBLIC: "2020-04-14T00:00:00.000Z", ID: "CVE-2020-7259", STATE: "PUBLIC", TITLE: "Unsigned executable vulnerability in ENS can be used to bypass intended self-protection rules", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "McAfee Endpoint Security (ENS)", version: { version_data: [ { version_affected: "<", version_name: "10.x", version_value: "10.7.0 April 2020 Update", }, ], }, }, ], }, vendor_name: "McAfee LLC", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Exploitation of Privilege/Trust vulnerability in file in McAfee Endpoint Security (ENS) Prior to 10.7.0 February 2020 Update allows local users to bypass local security protection via a carefully crafted input file", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-264 Permissions, Privileges, and Access Controls", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], }, source: { discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2020-7259", datePublished: "2020-04-15T11:55:13.399395Z", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-09-17T00:31:04.559Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-7332 (GCVE-0-2020-7332)
Vulnerability from cvelistv5
Published
2020-11-12 09:45
Modified
2024-09-17 00:30
Severity ?
EPSS score ?
Summary
Cross Site Request Forgery vulnerability in the firewall ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows an attacker to execute arbitrary HTML code due to incorrect security configuration.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10335 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Mcafee, LLC | Endpoint Security for Windows |
Version: 10.7.x < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:25:49.069Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10335", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Endpoint Security for Windows", vendor: "Mcafee, LLC", versions: [ { lessThanOrEqual: "10.7.0 September 2020 Update", status: "affected", version: "10.7.x", versionType: "custom", }, ], }, ], datePublic: "2020-11-11T00:00:00", descriptions: [ { lang: "en", value: "Cross Site Request Forgery vulnerability in the firewall ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows an attacker to execute arbitrary HTML code due to incorrect security configuration.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-352", description: "CWE-352 Cross-Site Request Forgery (CSRF)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-11-12T09:45:15", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10335", }, ], source: { discovery: "INTERNAL", }, title: "Cross-Site Request Forgery (CSRF) in firewall ePO extension of McAfee Endpoint Security (ENS)", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", DATE_PUBLIC: "2020-11-11T00:00:00.000Z", ID: "CVE-2020-7332", STATE: "PUBLIC", TITLE: "Cross-Site Request Forgery (CSRF) in firewall ePO extension of McAfee Endpoint Security (ENS)", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Endpoint Security for Windows", version: { version_data: [ { version_affected: "<=", version_name: "10.7.x", version_value: "10.7.0 September 2020 Update", }, ], }, }, ], }, vendor_name: "Mcafee, LLC", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Cross Site Request Forgery vulnerability in the firewall ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows an attacker to execute arbitrary HTML code due to incorrect security configuration.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-352 Cross-Site Request Forgery (CSRF)", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10335", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10335", }, ], }, source: { discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2020-7332", datePublished: "2020-11-12T09:45:15.185321Z", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-09-17T00:30:40.241Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2020-7277 (GCVE-0-2020-7277)
Vulnerability from cvelistv5
Published
2020-04-15 11:20
Modified
2024-09-17 00:05
Severity ?
EPSS score ?
Summary
Protection mechanism failure in all processes in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 April 2020 Update allows local users to stop certain McAfee ENS processes, reducing the protection offered.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10309 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| McAfee LLC | McAfee Endpoint Security (ENS) |
Version: 10.x < 10.7.0 April 2020 Update |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:25:48.499Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "McAfee Endpoint Security (ENS)", vendor: "McAfee LLC", versions: [ { lessThan: "10.7.0 April 2020 Update", status: "affected", version: "10.x", versionType: "custom", }, ], }, ], datePublic: "2020-04-14T00:00:00", descriptions: [ { lang: "en", value: "Protection mechanism failure in all processes in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 April 2020 Update allows local users to stop certain McAfee ENS processes, reducing the protection offered.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-693", description: "CWE-693 Protection Mechanism Failure", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-04-15T11:20:19", orgId: "01626437-bf8f-4d1c-912a-893b5eb04808", shortName: "trellix", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], source: { discovery: "INTERNAL", }, title: "McAfee processes not protected", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@mcafee.com", DATE_PUBLIC: "2020-04-14T00:00:00.000Z", ID: "CVE-2020-7277", STATE: "PUBLIC", TITLE: "McAfee processes not protected", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "McAfee Endpoint Security (ENS)", version: { version_data: [ { version_affected: "<", version_name: "10.x", version_value: "10.7.0 April 2020 Update", }, ], }, }, ], }, vendor_name: "McAfee LLC", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Protection mechanism failure in all processes in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 April 2020 Update allows local users to stop certain McAfee ENS processes, reducing the protection offered.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-693 Protection Mechanism Failure", }, ], }, ], }, references: { reference_data: [ { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], }, source: { discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "01626437-bf8f-4d1c-912a-893b5eb04808", assignerShortName: "trellix", cveId: "CVE-2020-7277", datePublished: "2020-04-15T11:20:19.699545Z", dateReserved: "2020-01-21T00:00:00", dateUpdated: "2024-09-17T00:05:40.086Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2020-04-15 13:15
Modified
2024-11-21 05:36
Severity ?
3.9 (Low) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Summary
Privilege escalation vulnerability in the administrative user interface in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to gain elevated privileges via ENS not checking user permissions when editing configuration in the ENS client interface. Administrators can lock the ENS client interface through ePO to prevent users being able to edit the configuration.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | endpoint_security | 10.5.0 | |
| mcafee | endpoint_security | 10.5.1 | |
| mcafee | endpoint_security | 10.5.2 | |
| mcafee | endpoint_security | 10.5.3 | |
| mcafee | endpoint_security | 10.5.4 | |
| mcafee | endpoint_security | 10.5.5 | |
| mcafee | endpoint_security | 10.6.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.0:*:*:*:*:windows:*:*", matchCriteriaId: "6AC514CA-D094-433D-9561-99048D43902F", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.1:*:*:*:*:windows:*:*", matchCriteriaId: "1B7AE3E9-DDCE-4119-B57D-B3D471E05B16", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.2:*:*:*:*:windows:*:*", matchCriteriaId: "603FE358-FADA-4FE6-B3F2-169D032A57E9", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.3:*:*:*:*:windows:*:*", matchCriteriaId: "66461D42-AE21-41B3-9FCB-3F6D09AC323E", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.4:*:*:*:*:windows:*:*", matchCriteriaId: "DCC441CF-5EA0-41C1-AE15-6672FF20B73A", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.5:*:*:*:*:windows:*:*", matchCriteriaId: "A6551AB4-1B0F-4EE3-8ED1-99413E3F19DD", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.6.0:*:*:*:*:windows:*:*", matchCriteriaId: "94732038-F35D-41AB-A550-E6F5FF9004DF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Privilege escalation vulnerability in the administrative user interface in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to gain elevated privileges via ENS not checking user permissions when editing configuration in the ENS client interface. Administrators can lock the ENS client interface through ePO to prevent users being able to edit the configuration.", }, { lang: "es", value: "Una vulnerabilidad de escalada de privilegios en la interfaz administrativa de usuario en McAfee Endpoint Security (ENS) para Windows versiones anteriores a 10.7.0 Update de febrero de 2020, permite a usuarios locales alcanzar privilegios elevados por medio de ENS sin comprobar los permisos del usuario cuando se edita la configuración en la interfaz del cliente ENS. Los administradores pueden bloquear la interfaz del cliente ENS por medio de ePO para impedir que los usuarios puedan editar la configuración.", }, ], id: "CVE-2020-7255", lastModified: "2024-11-21T05:36:56.197", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 3.6, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:N/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.9, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 2.7, source: "trellixpsirt@trellix.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 2.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-15T13:15:13.267", references: [ { source: "trellixpsirt@trellix.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "trellixpsirt@trellix.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-269", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-05-15 16:29
Modified
2024-11-21 04:42
Severity ?
Summary
Protection Mechanism Failure in the Firewall in McAfee Endpoint Security (ENS) 10.x prior to 10.6.1 May 2019 update allows context-dependent attackers to circumvent ENS protection where GTI flagged IP addresses are not blocked by the ENS Firewall via specially crafted malicious sites where the GTI reputation is carefully manipulated and does not correctly trigger the ENS Firewall to block the connection.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | endpoint_security | * | |
| mcafee | endpoint_security | 10.6.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:*:*:*", matchCriteriaId: "A079D9DB-D2B6-47D2-956B-D488D5CF2B86", versionEndIncluding: "10.6.1", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.6.1:201905:*:*:*:*:*:*", matchCriteriaId: "74D3A76C-3A30-41A5-A065-AF8904EC81B4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Protection Mechanism Failure in the Firewall in McAfee Endpoint Security (ENS) 10.x prior to 10.6.1 May 2019 update allows context-dependent attackers to circumvent ENS protection where GTI flagged IP addresses are not blocked by the ENS Firewall via specially crafted malicious sites where the GTI reputation is carefully manipulated and does not correctly trigger the ENS Firewall to block the connection.", }, { lang: "es", value: "Una falla del mecanismo de protección en el Firewall en McAfee Endpoint Security (ENS) 10.x anterior a 10.6.1 de Mayo de 2019 permite a los atacantes del tipo context-dependent eludir la protección ENS donde las direcciones IP identificadas con GTI no están bloqueadas por el Firewall ENS por medio de sitios maliciosos especialmente creados donde la reputación de GTI es manipulada cuidadosamente y no activa correctamente el Firewall ENS para bloquear la conexión.", }, ], id: "CVE-2019-3586", lastModified: "2024-11-21T04:42:13.207", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.1, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:H/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 4.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:H", version: "3.0", }, exploitabilityScore: 1.6, impactScore: 5.3, source: "trellixpsirt@trellix.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:H", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 5.3, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-05-15T16:29:00.550", references: [ { source: "trellixpsirt@trellix.com", url: "http://www.securityfocus.com/bid/108416", }, { source: "trellixpsirt@trellix.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10280", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/108416", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10280", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-693", }, ], source: "trellixpsirt@trellix.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-05-08 12:15
Modified
2024-11-21 05:36
Severity ?
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
Summary
Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Mac prior to 10.6.9 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | endpoint_security | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:macos:*:*", matchCriteriaId: "176ADB90-D9B5-4AA1-A42E-5E75C980C2EF", versionEndExcluding: "10.6.9", versionStartIncluding: "10.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Mac prior to 10.6.9 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.", }, { lang: "es", value: "Una vulnerabilidad de Escalada de Privilegios en McAfee Endpoint Security (ENS) para Mac versiones anteriores a 10.6.9, permite a usuarios locales eliminar archivos a los que de otro modo el usuario no tendría acceso por medio de la manipulación de enlaces simbólicos para redireccionar una acción de eliminación de McAfee hacia un archivo no deseado. Esto es logrado por medio de la ejecución de un script o programa malicioso en la máquina objetivo.", }, ], id: "CVE-2020-7265", lastModified: "2024-11-21T05:36:57.337", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 3.6, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:N/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2, impactScore: 6, source: "trellixpsirt@trellix.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H", version: "3.1", }, exploitabilityScore: 2, impactScore: 5.8, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-05-08T12:15:12.160", references: [ { source: "trellixpsirt@trellix.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10316", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10316", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-274", }, ], source: "trellixpsirt@trellix.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-269", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-09-09 10:15
Modified
2024-11-21 05:37
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:L
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L
Summary
Protection Mechanism Failure vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local administrator to temporarily reduce the detection capability allowing otherwise detected malware to run via stopping certain Microsoft services.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | endpoint_security | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:windows:*:*", matchCriteriaId: "CA4CEE25-A297-4D69-8CF8-5425875B206A", versionEndExcluding: "10.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Protection Mechanism Failure vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local administrator to temporarily reduce the detection capability allowing otherwise detected malware to run via stopping certain Microsoft services.", }, { lang: "es", value: "Una vulnerabilidad de Fallo del Mecanismo de Protección en McAfee Endpoint Security (ENS) para Windows versiones anteriores a 10.7.0 Actualización de Septiembre de 2020, permite al administrador local reducir temporalmente la capacidad de detección, permitiendo de otra manera ejecutar el malware detectado mediante la detención de determinados servicios de Microsoft.", }, ], id: "CVE-2020-7320", lastModified: "2024-11-21T05:37:03.443", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:L", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.3, source: "trellixpsirt@trellix.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L", version: "3.1", }, exploitabilityScore: 1.5, impactScore: 5.3, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-09-09T10:15:11.477", references: [ { source: "trellixpsirt@trellix.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10327", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10327", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-693", }, ], source: "trellixpsirt@trellix.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-09-09 10:15
Modified
2024-11-21 05:37
Severity ?
6.9 (Medium) - CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:L
6.9 (Medium) - CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:L
6.9 (Medium) - CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:L
Summary
Authentication Protection Bypass vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows physical local users to bypass the Windows lock screen via triggering certain detection events while the computer screen is locked and the McTray.exe is running with elevated privileges. This issue is timing dependent and requires physical access to the machine.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | endpoint_security | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:windows:*:*", matchCriteriaId: "CA4CEE25-A297-4D69-8CF8-5425875B206A", versionEndExcluding: "10.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Authentication Protection Bypass vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows physical local users to bypass the Windows lock screen via triggering certain detection events while the computer screen is locked and the McTray.exe is running with elevated privileges. This issue is timing dependent and requires physical access to the machine.", }, { lang: "es", value: "Una vulnerabilidad de Omisión de Protección de Autenticación en McAfee Endpoint Security (ENS) para Windows versiones anteriores a 10.7.0 Actualización de Septiembre de 2020, permite a usuarios locales físicos omitir la pantalla de bloqueo de Windows por medio de la activación de determinados eventos de detección mientras la pantalla de la computadora está bloqueada y el archivo McTray.exe está ejecutándose con privilegios elevados. Este problema depende del tiempo y requiere acceso físico a la máquina.", }, ], id: "CVE-2020-7323", lastModified: "2024-11-21T05:37:03.683", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "HIGH", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:H/Au:N/C:C/I:C/A:P", version: "2.0", }, exploitabilityScore: 1.9, impactScore: 9.5, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "PHYSICAL", availabilityImpact: "LOW", baseScore: 6.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:L", version: "3.1", }, exploitabilityScore: 0.4, impactScore: 6, source: "trellixpsirt@trellix.com", type: "Secondary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "PHYSICAL", availabilityImpact: "LOW", baseScore: 6.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:L", version: "3.1", }, exploitabilityScore: 0.4, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-09-09T10:15:11.633", references: [ { source: "trellixpsirt@trellix.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10327", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10327", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-287", }, ], source: "trellixpsirt@trellix.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-287", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-04-15 12:15
Modified
2024-11-21 05:36
Severity ?
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
6.3 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
6.3 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
Summary
Privilege escalation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links whilst an anti-virus scan was in progress. This is timing dependent.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | endpoint_security | 10.5.0 | |
| mcafee | endpoint_security | 10.5.1 | |
| mcafee | endpoint_security | 10.5.2 | |
| mcafee | endpoint_security | 10.5.3 | |
| mcafee | endpoint_security | 10.5.4 | |
| mcafee | endpoint_security | 10.5.5 | |
| mcafee | endpoint_security | 10.6.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.0:*:*:*:*:windows:*:*", matchCriteriaId: "6AC514CA-D094-433D-9561-99048D43902F", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.1:*:*:*:*:windows:*:*", matchCriteriaId: "1B7AE3E9-DDCE-4119-B57D-B3D471E05B16", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.2:*:*:*:*:windows:*:*", matchCriteriaId: "603FE358-FADA-4FE6-B3F2-169D032A57E9", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.3:*:*:*:*:windows:*:*", matchCriteriaId: "66461D42-AE21-41B3-9FCB-3F6D09AC323E", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.4:*:*:*:*:windows:*:*", matchCriteriaId: "DCC441CF-5EA0-41C1-AE15-6672FF20B73A", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.5:*:*:*:*:windows:*:*", matchCriteriaId: "A6551AB4-1B0F-4EE3-8ED1-99413E3F19DD", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.6.0:*:*:*:*:windows:*:*", matchCriteriaId: "94732038-F35D-41AB-A550-E6F5FF9004DF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Privilege escalation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links whilst an anti-virus scan was in progress. This is timing dependent.", }, { lang: "es", value: "Una vulnerabilidad de escalada de privilegios en McAfee Endpoint Security (ENS) para Windows versión anterior a 10.7.0 Update de Febrero de 2020, permite a usuarios locales causar la eliminación y creación de archivos para los que normalmente no tendrían permiso al alterar el objetivo de los enlaces simbólicos mientras un escaneo de antivirus estaba en progreso. Esto depende de la sincronización.", }, ], id: "CVE-2020-7257", lastModified: "2024-11-21T05:36:56.437", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 3.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:M/Au:N/C:N/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H", version: "3.1", }, exploitabilityScore: 2, impactScore: 5.8, source: "trellixpsirt@trellix.com", type: "Secondary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, exploitabilityScore: 1, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-15T12:15:11.917", references: [ { source: "trellixpsirt@trellix.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "trellixpsirt@trellix.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-269", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-10 09:15
Modified
2024-11-21 05:51
Severity ?
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
5.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
5.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
Summary
Clear text storage of sensitive Information in memory vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows a local user to view ENS settings and credentials via accessing process memory after the ENS administrator has performed specific actions. To exploit this, the local user has to access the relevant memory location immediately after an ENS administrator has made a configuration change through the console on their machine
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | endpoint_security | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:windows:*:*", matchCriteriaId: "CA4CEE25-A297-4D69-8CF8-5425875B206A", versionEndExcluding: "10.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Clear text storage of sensitive Information in memory vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows a local user to view ENS settings and credentials via accessing process memory after the ENS administrator has performed specific actions. To exploit this, the local user has to access the relevant memory location immediately after an ENS administrator has made a configuration change through the console on their machine", }, { lang: "es", value: "Una vulnerabilidad de almacenamiento en texto sin cifrar de información confidencial en la memoria en McAfee Endpoint Security (ENS) para Windows versiones anteriores a 10.7.0, la actualización de Febrero de 2021, permite a un usuario local visualizar la configuración y las credenciales de ENS por medio del acceso a la memoria del proceso después de que el administrador de ENS haya llevado a cabo acciones específicas. Para explotar esto, el usuario local debe acceder a la ubicación de memoria relevante inmediatamente después de a un administrador de ENS haya realizado un cambio de configuración por medio de la consola en su máquina", }, ], id: "CVE-2021-23878", lastModified: "2024-11-21T05:51:59.373", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.3, impactScore: 5.9, source: "trellixpsirt@trellix.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.3, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-10T09:15:13.090", references: [ { source: "trellixpsirt@trellix.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10345", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10345", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-312", }, ], source: "trellixpsirt@trellix.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-312", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-04-15 12:15
Modified
2024-11-21 05:36
Severity ?
6.8 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
5.3 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
5.3 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Summary
Protection mechanism failure in all processes in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 April 2020 Update allows local users to stop certain McAfee ENS processes, reducing the protection offered.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | endpoint_security | 10.5.0 | |
| mcafee | endpoint_security | 10.5.1 | |
| mcafee | endpoint_security | 10.5.2 | |
| mcafee | endpoint_security | 10.5.3 | |
| mcafee | endpoint_security | 10.5.4 | |
| mcafee | endpoint_security | 10.5.5 | |
| mcafee | endpoint_security | 10.6.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.0:*:*:*:*:windows:*:*", matchCriteriaId: "6AC514CA-D094-433D-9561-99048D43902F", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.1:*:*:*:*:windows:*:*", matchCriteriaId: "1B7AE3E9-DDCE-4119-B57D-B3D471E05B16", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.2:*:*:*:*:windows:*:*", matchCriteriaId: "603FE358-FADA-4FE6-B3F2-169D032A57E9", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.3:*:*:*:*:windows:*:*", matchCriteriaId: "66461D42-AE21-41B3-9FCB-3F6D09AC323E", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.4:*:*:*:*:windows:*:*", matchCriteriaId: "DCC441CF-5EA0-41C1-AE15-6672FF20B73A", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.5:*:*:*:*:windows:*:*", matchCriteriaId: "A6551AB4-1B0F-4EE3-8ED1-99413E3F19DD", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.6.0:*:*:*:*:windows:*:*", matchCriteriaId: "94732038-F35D-41AB-A550-E6F5FF9004DF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Protection mechanism failure in all processes in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 April 2020 Update allows local users to stop certain McAfee ENS processes, reducing the protection offered.", }, { lang: "es", value: "El fallo del mecanismo de protección en todos los procesos en McAfee Endpoint Security (ENS) para Windows versiones anteriores a 10.7.0 Update de Abril de 2020, permite a usuarios locales detener determinados procesos de McAfee ENS, reduciendo la protección ofrecida.", }, ], id: "CVE-2020-7277", lastModified: "2024-11-21T05:36:58.490", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 2.5, impactScore: 3.7, source: "trellixpsirt@trellix.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-15T12:15:12.417", references: [ { source: "trellixpsirt@trellix.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-693", }, ], source: "trellixpsirt@trellix.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-04-01 07:15
Modified
2024-11-21 05:36
Severity ?
6.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Improper access control vulnerability in ESconfigTool.exe in McAfee Endpoint Security (ENS) for Windows all current versions allows local administrator to alter ENS configuration up to and including disabling all protection offered by ENS via insecurely implemented encryption of configuration for export and import.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | endpoint_security | 10.5.0 | |
| mcafee | endpoint_security | 10.5.1 | |
| mcafee | endpoint_security | 10.5.2 | |
| mcafee | endpoint_security | 10.5.3 | |
| mcafee | endpoint_security | 10.5.4 | |
| mcafee | endpoint_security | 10.5.5 | |
| mcafee | endpoint_security | 10.6.0 | |
| mcafee | endpoint_security | 10.6.1 | |
| mcafee | endpoint_security | 10.7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.0:*:*:*:*:windows:*:*", matchCriteriaId: "6AC514CA-D094-433D-9561-99048D43902F", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.1:*:*:*:*:windows:*:*", matchCriteriaId: "1B7AE3E9-DDCE-4119-B57D-B3D471E05B16", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.2:*:*:*:*:windows:*:*", matchCriteriaId: "603FE358-FADA-4FE6-B3F2-169D032A57E9", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.3:*:*:*:*:windows:*:*", matchCriteriaId: "66461D42-AE21-41B3-9FCB-3F6D09AC323E", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.4:*:*:*:*:windows:*:*", matchCriteriaId: "DCC441CF-5EA0-41C1-AE15-6672FF20B73A", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.5:*:*:*:*:windows:*:*", matchCriteriaId: "A6551AB4-1B0F-4EE3-8ED1-99413E3F19DD", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.6.0:*:*:*:*:windows:*:*", matchCriteriaId: "94732038-F35D-41AB-A550-E6F5FF9004DF", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.6.1:*:*:*:*:windows:*:*", matchCriteriaId: "6D911059-4665-44AB-AE6A-E296A86F00AA", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.7.0:*:*:*:*:windows:*:*", matchCriteriaId: "9D9F994B-0724-4351-8BF8-836A0A89837A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Improper access control vulnerability in ESconfigTool.exe in McAfee Endpoint Security (ENS) for Windows all current versions allows local administrator to alter ENS configuration up to and including disabling all protection offered by ENS via insecurely implemented encryption of configuration for export and import.", }, { lang: "es", value: "Una vulnerabilidad de control de acceso inapropiado en el archivo ESConfigTool.exe en McAfee Endpoint Security (ENS) para Windows, todas las versiones actuales permite a un administrador local alterar la configuración de ENS e inclusive deshabilitar toda protección ofrecida por ENS mediante un cifrado de configuración implementado de forma no segura para la exportación e importación", }, ], id: "CVE-2020-7263", lastModified: "2024-11-21T05:36:57.103", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.6, impactScore: 5.9, source: "trellixpsirt@trellix.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-01T07:15:13.380", references: [ { source: "trellixpsirt@trellix.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10314", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10314", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "trellixpsirt@trellix.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-732", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-11-12 10:15
Modified
2024-11-21 05:37
Severity ?
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Summary
Cross site scripting vulnerability in the firewall ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows administrators to inject arbitrary web script or HTML via the configuration wizard.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| trellixpsirt@trellix.com | https://kc.mcafee.com/corporate/index?page=content&id=SB10335 | Broken Link, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kc.mcafee.com/corporate/index?page=content&id=SB10335 | Broken Link, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | endpoint_security | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:windows:*:*", matchCriteriaId: "CA4CEE25-A297-4D69-8CF8-5425875B206A", versionEndExcluding: "10.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Cross site scripting vulnerability in the firewall ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows administrators to inject arbitrary web script or HTML via the configuration wizard.", }, { lang: "es", value: "Una Vulnerabilidad de tipo Cross site scripting en la extensión ePO de firewall de McAfee Endpoint Security (ENS) versiones anteriores a 10.7.0, actualización de Noviembre de 2020, permite a los administradores inyectar script web o HTML arbitrario por medio del asistente de configuración", }, ], id: "CVE-2020-7333", lastModified: "2024-11-21T05:37:04.873", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "trellixpsirt@trellix.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-11-12T10:15:13.733", references: [ { source: "trellixpsirt@trellix.com", tags: [ "Broken Link", "Vendor Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10335", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Vendor Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10335", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "trellixpsirt@trellix.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-02-28 15:29
Modified
2024-11-21 04:42
Severity ?
8.6 (High) - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Privilege Escalation vulnerability in Microsoft Windows client in McAfee Endpoint Security (ENS) 10.6.1 and earlier allows local users to gain elevated privileges via a specific set of circumstances.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | endpoint_security | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:*:*:*", matchCriteriaId: "D7CBB43C-C5D5-4D6B-AA3E-52FA5C3585A2", versionEndIncluding: "10.6.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Privilege Escalation vulnerability in Microsoft Windows client in McAfee Endpoint Security (ENS) 10.6.1 and earlier allows local users to gain elevated privileges via a specific set of circumstances.", }, { lang: "es", value: "Una vulnerabilidad de escalado de privilegios en el cliente de Microsoft Windows en McAfee Endpoint Security (ENS), en versiones 10.6.1 y anteriores, permite a los usuarios locales ganar privilegios elevados gracias a unas circunstancias específicas.", }, ], id: "CVE-2019-3582", lastModified: "2024-11-21T04:42:12.843", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.1, confidentialityImpact: "PARTIAL", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:P/I:C/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 8.5, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.6, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 6, source: "trellixpsirt@trellix.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-02-28T15:29:00.327", references: [ { source: "trellixpsirt@trellix.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10254", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10254", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-05-08 12:15
Modified
2024-11-21 05:36
Severity ?
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
Summary
Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 Hotfix 199847 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | endpoint_security | * | |
| mcafee | endpoint_security | 10.6.0 | |
| mcafee | endpoint_security | 10.7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:windows:*:*", matchCriteriaId: "E23BC14B-6D4C-494E-A7FF-42FBEE026AD2", versionEndExcluding: "10.5.5", versionStartIncluding: "10.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.6.0:*:*:*:*:windows:*:*", matchCriteriaId: "94732038-F35D-41AB-A550-E6F5FF9004DF", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.7.0:*:*:*:*:windows:*:*", matchCriteriaId: "9D9F994B-0724-4351-8BF8-836A0A89837A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 Hotfix 199847 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.", }, { lang: "es", value: "Una vulnerabilidad de Escalada de Privilegios en McAfee Endpoint Security (ENS) para Windows versiones anteriores a 10.7.0 Hotfix 199847, permite a usuarios locales eliminar archivos a los que de otro modo el usuario no tendría acceso por medio de la manipulación de enlaces simbólicos para redireccionar una acción de eliminación de McAfee hacia un archivo no deseado. Esto es logrado por medio de la ejecución de un script o programa malicioso en la máquina objetivo.", }, ], id: "CVE-2020-7264", lastModified: "2024-11-21T05:36:57.220", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 3.6, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:N/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2, impactScore: 6, source: "trellixpsirt@trellix.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H", version: "3.1", }, exploitabilityScore: 2, impactScore: 5.8, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-05-08T12:15:12.097", references: [ { source: "trellixpsirt@trellix.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10316", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10316", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-274", }, ], source: "trellixpsirt@trellix.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-269", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-10 10:15
Modified
2024-11-21 05:51
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Summary
Improper Access Control in attribute in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows authenticated local administrator user to perform an uninstallation of the anti-malware engine via the running of a specific command with the correct parameters.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| trellixpsirt@trellix.com | https://kc.mcafee.com/corporate/index?page=content&id=SB10345 | Broken Link, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kc.mcafee.com/corporate/index?page=content&id=SB10345 | Broken Link, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | endpoint_security | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:windows:*:*", matchCriteriaId: "CA4CEE25-A297-4D69-8CF8-5425875B206A", versionEndExcluding: "10.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Improper Access Control in attribute in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows authenticated local administrator user to perform an uninstallation of the anti-malware engine via the running of a specific command with the correct parameters.", }, { lang: "es", value: "Un Control de Acceso Inapropiado en attribute en McAfee Endpoint Security (ENS) para Windows versiones anteriores a 10.7.0 actualización de Febrero de 2021, permite a un usuario administrador local autenticado llevar a cabo una desinstalación del motor anti-malware por medio de la ejecución de un comando específico con los parámetros correctos", }, ], id: "CVE-2021-23880", lastModified: "2024-11-21T05:51:59.600", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "trellixpsirt@trellix.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-10T10:15:13.177", references: [ { source: "trellixpsirt@trellix.com", tags: [ "Broken Link", "Vendor Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10345", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Vendor Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10345", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-269", }, ], source: "trellixpsirt@trellix.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-10 11:15
Modified
2024-11-21 05:51
Severity ?
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Summary
A stored cross site scripting vulnerability in ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 February 2021 Update allows an ENS ePO administrator to add a script to a policy event which will trigger the script to be run through a browser block page when a local non-administrator user triggers the policy.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| trellixpsirt@trellix.com | https://kc.mcafee.com/corporate/index?page=content&id=SB10345 | Broken Link, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kc.mcafee.com/corporate/index?page=content&id=SB10345 | Broken Link, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | endpoint_security | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:windows:*:*", matchCriteriaId: "CA4CEE25-A297-4D69-8CF8-5425875B206A", versionEndExcluding: "10.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A stored cross site scripting vulnerability in ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 February 2021 Update allows an ENS ePO administrator to add a script to a policy event which will trigger the script to be run through a browser block page when a local non-administrator user triggers the policy.", }, { lang: "es", value: "Una vulnerabilidad de tipo cross site scripting almacenado en la extensión ePO de McAfee Endpoint Security (ENS) versiones anteriores a 10.7.0 actualización de Febrero de 2021, permite a un administrador de ePO de ENS agregar un script a un evento de política que desencadenará el script para que sea ejecutado mediante una página de bloqueo del navegador cuando un usuario local que no es administrador activa la política", }, ], id: "CVE-2021-23881", lastModified: "2024-11-21T05:51:59.720", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "trellixpsirt@trellix.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 1.7, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-10T11:15:13.177", references: [ { source: "trellixpsirt@trellix.com", tags: [ "Broken Link", "Vendor Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10345", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Vendor Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10345", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "trellixpsirt@trellix.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-10 10:15
Modified
2024-11-21 05:51
Severity ?
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Summary
Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows local administrators to prevent the installation of some ENS files by placing carefully crafted files where ENS will be installed. This is only applicable to clean installations of ENS as the Access Control rules will prevent modification prior to up an upgrade.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| trellixpsirt@trellix.com | https://kc.mcafee.com/corporate/index?page=content&id=SB10345 | Broken Link, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kc.mcafee.com/corporate/index?page=content&id=SB10345 | Broken Link, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | endpoint_security | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:windows:*:*", matchCriteriaId: "CA4CEE25-A297-4D69-8CF8-5425875B206A", versionEndExcluding: "10.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows local administrators to prevent the installation of some ENS files by placing carefully crafted files where ENS will be installed. This is only applicable to clean installations of ENS as the Access Control rules will prevent modification prior to up an upgrade.", }, { lang: "es", value: "Una vulnerabilidad de Control de Acceso Inapropiado en McAfee Endpoint Security (ENS) para Windows versiones anteriores a 10.7.0 actualización de Febrero de 2021, permite a administradores locales impedir la instalación de algunos archivos ENS al colocar archivos cuidadosamente diseñados donde será instalado ENS. Esto solo se aplica a instalaciones limpias de ENS, ya que las reglas de Control de Acceso impedirán modificaciones antes de llevar a cabo una actualización", }, ], id: "CVE-2021-23882", lastModified: "2024-11-21T05:51:59.840", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 1.9, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.5, impactScore: 6, source: "trellixpsirt@trellix.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-10T10:15:13.363", references: [ { source: "trellixpsirt@trellix.com", tags: [ "Broken Link", "Vendor Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10345", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Vendor Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10345", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-269", }, ], source: "trellixpsirt@trellix.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-10 10:15
Modified
2024-11-21 05:51
Severity ?
4.0 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Summary
A Null Pointer Dereference vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows a local administrator to cause Windows to crash via a specific system call which is not handled correctly. This varies by machine and had partial protection prior to this update.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | endpoint_security | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:windows:*:*", matchCriteriaId: "CA4CEE25-A297-4D69-8CF8-5425875B206A", versionEndExcluding: "10.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A Null Pointer Dereference vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows a local administrator to cause Windows to crash via a specific system call which is not handled correctly. This varies by machine and had partial protection prior to this update.", }, { lang: "es", value: "Una vulnerabilidad de Desreferencia del Puntero Null en McAfee Endpoint Security (ENS) para Windows versiones anteriores a actualización 10.7.0 de Febrero de 2021, permite a un administrador local causar a Windows bloquearse por medio de una llamada específica al sistema que no es manejada correctamente. Esto varía según la máquina y tenía protección parcial anterior a esta actualización", }, ], id: "CVE-2021-23883", lastModified: "2024-11-21T05:51:59.953", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 4.9, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 0.3, impactScore: 3.6, source: "trellixpsirt@trellix.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-10T10:15:13.473", references: [ { source: "trellixpsirt@trellix.com", tags: [ "Broken Link", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10345", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10345", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "trellixpsirt@trellix.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-04-03 22:29
Modified
2024-11-21 03:26
Severity ?
5.0 (Medium) - CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:N/I:H/A:N
4.4 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
4.4 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Summary
Maliciously misconfigured registry vulnerability in all Microsoft Windows products in McAfee consumer and corporate products allows an administrator to inject arbitrary code into a debugged McAfee process via manipulation of registry parameters.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:anti-virus_plus:-:*:*:*:*:*:*:*", matchCriteriaId: "2F3320DA-317A-4668-8CB7-B253CF4E26BB", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.2:*:*:*:*:*:*:*", matchCriteriaId: "FDA3764B-02A5-4CB8-A2CF-BDEC69A3F1F4", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:host_intrusion_prevention:*:*:*:*:*:*:*:*", matchCriteriaId: "0B258695-3C79-4EF0-9F57-96867BBCE2B9", versionEndIncluding: "8.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:host_intrusion_prevention:8.0:patch_1:*:*:*:*:*:*", matchCriteriaId: "551CDFD4-6CB5-478C-87BD-E8FCA2564452", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:host_intrusion_prevention:8.0:patch_2:*:*:*:*:*:*", matchCriteriaId: "3C8C36BD-4C81-43A2-A1B0-FD6FC43D7077", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:host_intrusion_prevention:8.0:patch_3:*:*:*:*:*:*", matchCriteriaId: "7507AF42-7435-408F-8D13-12AEB6BD2D88", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:host_intrusion_prevention:8.0:patch_4:*:*:*:*:*:*", matchCriteriaId: "0DF5032E-F91D-48D8-AAEE-35784BD87778", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:host_intrusion_prevention:8.0:patch_5:*:*:*:*:*:*", matchCriteriaId: "22BBD8D0-3D09-4A0C-AF5F-5655329D01E3", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:host_intrusion_prevention:8.0:patch_6:*:*:*:*:*:*", matchCriteriaId: "143B1FC1-CD35-411F-B67F-4879DCE4531F", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:host_intrusion_prevention:8.0:patch_7:*:*:*:*:*:*", matchCriteriaId: "31C16E08-FFB3-426E-9A9F-D496A50F10BB", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:host_intrusion_prevention:8.0:patch_8:*:*:*:*:*:*", matchCriteriaId: "E096860A-4AA2-4A3F-8B45-998E6E48F175", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:host_intrusion_prevention:8.0:patch_9:*:*:*:*:*:*", matchCriteriaId: "91D6F788-8D23-44D8-AFAF-780F45885341", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:internet_security:-:*:*:*:*:*:*:*", matchCriteriaId: "7B53E987-4329-4FA9-AC94-0286D64B7E88", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:total_protection:-:*:*:*:*:*:*:*", matchCriteriaId: "251D56EC-7153-451F-A558-92E0F5BFACEE", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:virus_scan_enterprise:*:*:*:*:*:*:*:*", matchCriteriaId: "5EF52F97-EC0A-4CE9-A62B-4881210CA186", versionEndIncluding: "8.8", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:virus_scan_enterprise:8.8:patch_9:*:*:*:*:*:*", matchCriteriaId: "6E4B5233-94A6-4E3E-B13B-08C6633BDCF7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Maliciously misconfigured registry vulnerability in all Microsoft Windows products in McAfee consumer and corporate products allows an administrator to inject arbitrary code into a debugged McAfee process via manipulation of registry parameters.", }, { lang: "es", value: "Vulnerabilidad de registro maliciosamente configurado en todos los productos Microsoft Windows en productos para consumidores y empresas de McAfee permite que un administrador inyecte código arbitrario en un proceso McAffee depurado mediante la manipulación de parámetros de registro.", }, ], id: "CVE-2017-4028", lastModified: "2024-11-21T03:26:25.340", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:N/I:H/A:N", version: "3.0", }, exploitabilityScore: 0.6, impactScore: 4, source: "trellixpsirt@trellix.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.4, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-04-03T22:29:00.523", references: [ { source: "trellixpsirt@trellix.com", url: "http://www.securityfocus.com/bid/97958", }, { source: "trellixpsirt@trellix.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10193", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/97958", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10193", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-74", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-04-15 12:15
Modified
2024-11-21 05:36
Severity ?
6.6 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:L
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Exploitation of Privilege/Trust vulnerability in file in McAfee Endpoint Security (ENS) Prior to 10.7.0 February 2020 Update allows local users to bypass local security protection via a carefully crafted input file
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | endpoint_security | 10.5.0 | |
| mcafee | endpoint_security | 10.5.1 | |
| mcafee | endpoint_security | 10.5.2 | |
| mcafee | endpoint_security | 10.5.3 | |
| mcafee | endpoint_security | 10.5.4 | |
| mcafee | endpoint_security | 10.5.5 | |
| mcafee | endpoint_security | 10.6.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.0:*:*:*:*:windows:*:*", matchCriteriaId: "6AC514CA-D094-433D-9561-99048D43902F", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.1:*:*:*:*:windows:*:*", matchCriteriaId: "1B7AE3E9-DDCE-4119-B57D-B3D471E05B16", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.2:*:*:*:*:windows:*:*", matchCriteriaId: "603FE358-FADA-4FE6-B3F2-169D032A57E9", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.3:*:*:*:*:windows:*:*", matchCriteriaId: "66461D42-AE21-41B3-9FCB-3F6D09AC323E", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.4:*:*:*:*:windows:*:*", matchCriteriaId: "DCC441CF-5EA0-41C1-AE15-6672FF20B73A", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.5:*:*:*:*:windows:*:*", matchCriteriaId: "A6551AB4-1B0F-4EE3-8ED1-99413E3F19DD", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.6.0:*:*:*:*:windows:*:*", matchCriteriaId: "94732038-F35D-41AB-A550-E6F5FF9004DF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Exploitation of Privilege/Trust vulnerability in file in McAfee Endpoint Security (ENS) Prior to 10.7.0 February 2020 Update allows local users to bypass local security protection via a carefully crafted input file", }, { lang: "es", value: "Una vulnerabilidad de Explotación de Privilegios y Confianza en archivos en McAfee Endpoint Security (ENS) versión anterior a 10.7.0 Update de Febrero de 2020, permite a usuarios locales omitir la protección de seguridad local por medio de un archivo de entrada cuidadosamente diseñado", }, ], id: "CVE-2020-7259", lastModified: "2024-11-21T05:36:56.670", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:L", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.3, source: "trellixpsirt@trellix.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-15T12:15:12.013", references: [ { source: "trellixpsirt@trellix.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "trellixpsirt@trellix.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-269", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-09-17 14:15
Modified
2024-11-21 06:06
Severity ?
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Improper privileges management vulnerability in McAfee Endpoint Security (ENS) Windows prior to 10.7.0 September 2021 Update allows local users to access files which they would otherwise not have access to via manipulating junction links to redirect McAfee folder operations to an unintended location.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | endpoint_security | * | |
| mcafee | endpoint_security | 10.7.0 | |
| mcafee | endpoint_security | 10.7.0 | |
| mcafee | endpoint_security | 10.7.0 | |
| mcafee | endpoint_security | 10.7.0 | |
| mcafee | endpoint_security | 10.7.0 | |
| mcafee | endpoint_security | 10.7.0 | |
| mcafee | endpoint_security | 10.7.0 | |
| mcafee | endpoint_security | 10.7.0 | |
| mcafee | endpoint_security | 10.7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:windows:*:*", matchCriteriaId: "CA4CEE25-A297-4D69-8CF8-5425875B206A", versionEndExcluding: "10.7.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.7.0:-:*:*:*:windows:*:*", matchCriteriaId: "C11DA65D-216F-4FBA-8BEC-9192FD9D7C9A", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.7.0:april_2020:*:*:*:windows:*:*", matchCriteriaId: "A1D86327-CEF4-4906-AE46-29CB79773529", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.7.0:april_2021:*:*:*:windows:*:*", matchCriteriaId: "775B5D3E-B29C-41DD-BD36-5E0D226572A2", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.7.0:february_2020:*:*:*:windows:*:*", matchCriteriaId: "6243F2C9-35EA-46A9-B48E-F2EB23D9376F", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.7.0:february_2021:*:*:*:windows:*:*", matchCriteriaId: "E11E0370-8170-4AEA-9DE0-B27D5E5F56AF", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.7.0:july_2020:*:*:*:windows:*:*", matchCriteriaId: "2BA52931-828B-4FC9-BB2F-B40180379342", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.7.0:june_2021:*:*:*:windows:*:*", matchCriteriaId: "58FF0D83-3119-4EA4-9BDB-F744AE12E7EB", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.7.0:november_2020:*:*:*:windows:*:*", matchCriteriaId: "B8F298BE-99AF-4C66-B852-A4EF7734E76F", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.7.0:september_2020:*:*:*:windows:*:*", matchCriteriaId: "6FE691D2-B7ED-48D9-8AE2-9711B35D2D35", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Improper privileges management vulnerability in McAfee Endpoint Security (ENS) Windows prior to 10.7.0 September 2021 Update allows local users to access files which they would otherwise not have access to via manipulating junction links to redirect McAfee folder operations to an unintended location.\n\n", }, { lang: "es", value: "Una vulnerabilidad de administración de privilegios inapropiada en McAfee Endpoint Security (ENS) Windows versiones anteriores a la actualización 10.7.0 de septiembre de 2021, permite a usuarios locales acceder a archivos a los que no tendrían acceso por medio de la manipulación de enlaces de unión para redirigir las operaciones de carpetas de McAfee a una ubicación no deseada", }, ], id: "CVE-2021-31843", lastModified: "2024-11-21T06:06:20.423", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.3, impactScore: 5.9, source: "trellixpsirt@trellix.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-09-17T14:15:08.177", references: [ { source: "trellixpsirt@trellix.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10367", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10367", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-59", }, ], source: "trellixpsirt@trellix.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-59", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-02-14 15:15
Modified
2024-11-21 05:36
Severity ?
5.0 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Summary
Improper access control vulnerability in Configuration Tool in McAfee Mcafee Endpoint Security (ENS) Prior to 10.6.1 February 2020 Update allows local users to disable security features via unauthorised use of the configuration tool from older versions of ENS.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | endpoint_security | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:*:*:*", matchCriteriaId: "9985AFC3-82B8-41B2-8196-0B6BE7671FE7", versionEndExcluding: "10.6.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Improper access control vulnerability in Configuration Tool in McAfee Mcafee Endpoint Security (ENS) Prior to 10.6.1 February 2020 Update allows local users to disable security features via unauthorised use of the configuration tool from older versions of ENS.", }, { lang: "es", value: "Una vulnerabilidad de control de acceso inapropiada en Configuration Tool en Mcafee Endpoint Security (ENS) versiones anteriores a 10.6.1. La Actualización de febrero de 2020, permite a usuarios locales deshabilitar las características de seguridad, por medio del uso no autorizado de configuration tool desde las versiones anteriores de ENS.", }, ], id: "CVE-2020-7251", lastModified: "2024-11-21T05:36:55.740", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 4.2, source: "trellixpsirt@trellix.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-02-14T15:15:11.650", references: [ { source: "trellixpsirt@trellix.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10299", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10299", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-358", }, ], source: "trellixpsirt@trellix.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-863", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-10-09 16:15
Modified
2024-11-21 04:42
Severity ?
4.6 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Summary
Improper access control vulnerability in Configuration tool in McAfee Endpoint Security (ENS) Prior to 10.6.1 October 2019 Update allows local user to gain access to security configuration via unauthorized use of the configuration tool.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | endpoint_security | * | |
| mcafee | endpoint_security | * | |
| mcafee | endpoint_security | 10.16.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:*:*:*", matchCriteriaId: "1674A876-8429-40B0-8D32-171C0089FFE2", versionEndIncluding: "10.5.5", versionStartIncluding: "10.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:*:*:*", matchCriteriaId: "53207FA9-42F0-439B-B2FF-C88075012D9E", versionEndExcluding: "10.6.1", versionStartIncluding: "10.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.16.1:-:*:*:*:*:*:*", matchCriteriaId: "7E40346A-9F76-466F-949D-B5DEAACF1B3F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Improper access control vulnerability in Configuration tool in McAfee Endpoint Security (ENS) Prior to 10.6.1 October 2019 Update allows local user to gain access to security configuration via unauthorized use of the configuration tool.", }, { lang: "es", value: "Una vulnerabilidad de control de acceso inapropiada en la herramienta de Configuración en McAfee Endpoint Security (ENS) versiones anteriores a 10.6.1 Update de octubre 2019, permite al usuario local conseguir acceso a la configuración de seguridad mediante el uso no autorizado de la herramienta de configuración.", }, ], id: "CVE-2019-3653", lastModified: "2024-11-21T04:42:18.110", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:L/A:N", version: "3.1", }, exploitabilityScore: 0.3, impactScore: 4.2, source: "trellixpsirt@trellix.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-10-09T16:15:16.140", references: [ { source: "trellixpsirt@trellix.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10299", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10299", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "trellixpsirt@trellix.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-09-09 10:15
Modified
2024-11-21 05:37
Severity ?
4.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L
4.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L
4.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L
Summary
Information Disclosure Vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local users to gain access to sensitive information via incorrectly logging of sensitive information in debug logs.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | endpoint_security | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:windows:*:*", matchCriteriaId: "CA4CEE25-A297-4D69-8CF8-5425875B206A", versionEndExcluding: "10.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Information Disclosure Vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local users to gain access to sensitive information via incorrectly logging of sensitive information in debug logs.", }, { lang: "es", value: "Una vulnerabilidad de divulgación de información en McAfee Endpoint Security (ENS) para Windows versiones anteriores a 10.7.0 Actualización de Septiembre de 2020, permite a usuarios locales obtener acceso a información confidencial mediante el registro incorrecto de información confidencial en los registros de depuración.", }, ], id: "CVE-2020-7322", lastModified: "2024-11-21T05:37:03.560", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 0.6, impactScore: 3.7, source: "trellixpsirt@trellix.com", type: "Secondary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 0.6, impactScore: 3.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-09-09T10:15:11.553", references: [ { source: "trellixpsirt@trellix.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10327", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10327", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-532", }, ], source: "trellixpsirt@trellix.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-532", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-04-15 12:15
Modified
2024-11-21 05:36
Severity ?
6.6 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:L
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Privilege escalation vulnerability in McTray.exe in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges (by default it runs with the current user's privileges).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | endpoint_security | 10.5.0 | |
| mcafee | endpoint_security | 10.5.1 | |
| mcafee | endpoint_security | 10.5.2 | |
| mcafee | endpoint_security | 10.5.3 | |
| mcafee | endpoint_security | 10.5.4 | |
| mcafee | endpoint_security | 10.5.5 | |
| mcafee | endpoint_security | 10.6.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.0:*:*:*:*:windows:*:*", matchCriteriaId: "6AC514CA-D094-433D-9561-99048D43902F", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.1:*:*:*:*:windows:*:*", matchCriteriaId: "1B7AE3E9-DDCE-4119-B57D-B3D471E05B16", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.2:*:*:*:*:windows:*:*", matchCriteriaId: "603FE358-FADA-4FE6-B3F2-169D032A57E9", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.3:*:*:*:*:windows:*:*", matchCriteriaId: "66461D42-AE21-41B3-9FCB-3F6D09AC323E", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.4:*:*:*:*:windows:*:*", matchCriteriaId: "DCC441CF-5EA0-41C1-AE15-6672FF20B73A", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.5:*:*:*:*:windows:*:*", matchCriteriaId: "A6551AB4-1B0F-4EE3-8ED1-99413E3F19DD", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.6.0:*:*:*:*:windows:*:*", matchCriteriaId: "94732038-F35D-41AB-A550-E6F5FF9004DF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Privilege escalation vulnerability in McTray.exe in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges (by default it runs with the current user's privileges).", }, { lang: "es", value: "Una vulnerabilidad de escalada de privilegios en el archivo McTray.exe en McAfee Endpoint Security (ENS) para Windows versiones anteriores a 10.7.0 Update de Abril de 2020, permite a usuarios locales generar procesos no relacionados con privilegios elevados por medio del administrador del sistema que otorga privilegios elevados al archivo McTray.exe (por defecto se ejecuta con los privilegios del usuario actual).", }, ], id: "CVE-2020-7274", lastModified: "2024-11-21T05:36:58.150", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:L", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.3, source: "trellixpsirt@trellix.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-15T12:15:12.230", references: [ { source: "trellixpsirt@trellix.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-269", }, ], source: "trellixpsirt@trellix.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-269", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-04-15 12:15
Modified
2024-11-21 05:36
Severity ?
6.4 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:L
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Authentication bypass vulnerability in MfeUpgradeTool in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 April 2020 Update allows administrator users to access policy settings via running this tool.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | endpoint_security | 10.5.0 | |
| mcafee | endpoint_security | 10.5.1 | |
| mcafee | endpoint_security | 10.5.2 | |
| mcafee | endpoint_security | 10.5.3 | |
| mcafee | endpoint_security | 10.5.4 | |
| mcafee | endpoint_security | 10.5.5 | |
| mcafee | endpoint_security | 10.6.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.0:*:*:*:*:windows:*:*", matchCriteriaId: "6AC514CA-D094-433D-9561-99048D43902F", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.1:*:*:*:*:windows:*:*", matchCriteriaId: "1B7AE3E9-DDCE-4119-B57D-B3D471E05B16", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.2:*:*:*:*:windows:*:*", matchCriteriaId: "603FE358-FADA-4FE6-B3F2-169D032A57E9", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.3:*:*:*:*:windows:*:*", matchCriteriaId: "66461D42-AE21-41B3-9FCB-3F6D09AC323E", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.4:*:*:*:*:windows:*:*", matchCriteriaId: "DCC441CF-5EA0-41C1-AE15-6672FF20B73A", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.5:*:*:*:*:windows:*:*", matchCriteriaId: "A6551AB4-1B0F-4EE3-8ED1-99413E3F19DD", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.6.0:*:*:*:*:windows:*:*", matchCriteriaId: "94732038-F35D-41AB-A550-E6F5FF9004DF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Authentication bypass vulnerability in MfeUpgradeTool in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 April 2020 Update allows administrator users to access policy settings via running this tool.", }, { lang: "es", value: "Una vulnerabilidad de omisión de autenticación en MfeUpgradeTool en McAfee Endpoint Security (ENS) para Windows versiones anteriores a 10.7.0 Update de Abril de 2020, permite a usuarios administradores acceder a la configuración de políticas por medio de la ejecución de esta herramienta.", }, ], id: "CVE-2020-7276", lastModified: "2024-11-21T05:36:58.380", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 6.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:H/A:L", version: "3.1", }, exploitabilityScore: 0.6, impactScore: 5.3, source: "trellixpsirt@trellix.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-15T12:15:12.370", references: [ { source: "trellixpsirt@trellix.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-287", }, ], source: "trellixpsirt@trellix.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-287", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-11-12 10:15
Modified
2024-11-21 05:37
Severity ?
7.0 (High) - CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Cross Site Request Forgery vulnerability in the firewall ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows an attacker to execute arbitrary HTML code due to incorrect security configuration.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| trellixpsirt@trellix.com | https://kc.mcafee.com/corporate/index?page=content&id=SB10335 | Broken Link, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kc.mcafee.com/corporate/index?page=content&id=SB10335 | Broken Link, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | endpoint_security | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:windows:*:*", matchCriteriaId: "277DF1D5-0C18-4549-875C-84828ABE7B20", versionEndExcluding: "10.6.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Cross Site Request Forgery vulnerability in the firewall ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows an attacker to execute arbitrary HTML code due to incorrect security configuration.", }, { lang: "es", value: "Vulnerabilidad de tipo Cross Site Request Forgery en la extensión ePO del firewall de McAfee Endpoint Security (ENS) versiones anteriores a 10.7.0, actualización de Noviembre de 2020, permite a un atacante ejecutar código HTML arbitrario debido a una configuración de seguridad incorrecta", }, ], id: "CVE-2020-7332", lastModified: "2024-11-21T05:37:04.753", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L", version: "3.1", }, exploitabilityScore: 1.5, impactScore: 5.5, source: "trellixpsirt@trellix.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-11-12T10:15:13.623", references: [ { source: "trellixpsirt@trellix.com", tags: [ "Broken Link", "Vendor Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10335", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Vendor Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10335", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-352", }, ], source: "trellixpsirt@trellix.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-352", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-04-15 12:15
Modified
2024-11-21 05:36
Severity ?
6.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Summary
Buffer Overflow via Environment Variables vulnerability in AMSI component in McAfee Endpoint Security (ENS) Prior to 10.7.0 February 2020 Update allows local users to disable Endpoint Security via a carefully crafted user input.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | endpoint_security | 10.5.0 | |
| mcafee | endpoint_security | 10.5.1 | |
| mcafee | endpoint_security | 10.5.2 | |
| mcafee | endpoint_security | 10.5.3 | |
| mcafee | endpoint_security | 10.5.4 | |
| mcafee | endpoint_security | 10.5.5 | |
| mcafee | endpoint_security | 10.6.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.0:*:*:*:*:windows:*:*", matchCriteriaId: "6AC514CA-D094-433D-9561-99048D43902F", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.1:*:*:*:*:windows:*:*", matchCriteriaId: "1B7AE3E9-DDCE-4119-B57D-B3D471E05B16", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.2:*:*:*:*:windows:*:*", matchCriteriaId: "603FE358-FADA-4FE6-B3F2-169D032A57E9", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.3:*:*:*:*:windows:*:*", matchCriteriaId: "66461D42-AE21-41B3-9FCB-3F6D09AC323E", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.4:*:*:*:*:windows:*:*", matchCriteriaId: "DCC441CF-5EA0-41C1-AE15-6672FF20B73A", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.5:*:*:*:*:windows:*:*", matchCriteriaId: "A6551AB4-1B0F-4EE3-8ED1-99413E3F19DD", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.6.0:*:*:*:*:windows:*:*", matchCriteriaId: "94732038-F35D-41AB-A550-E6F5FF9004DF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Buffer Overflow via Environment Variables vulnerability in AMSI component in McAfee Endpoint Security (ENS) Prior to 10.7.0 February 2020 Update allows local users to disable Endpoint Security via a carefully crafted user input.", }, { lang: "es", value: "Una vulnerabilidad de Desbordamiento de Búfer por medio de Variables de Entorno en el componente AMSI en McAfee Endpoint Security (ENS) versiones anteriores a 10.7.0 Update de Febrero de 2020, permite a usuarios locales desactivar Endpoint Security por medio de una entrada de usuario cuidadosamente diseñada.", }, ], id: "CVE-2020-7261", lastModified: "2024-11-21T05:36:56.880", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 4.7, source: "trellixpsirt@trellix.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-15T12:15:12.090", references: [ { source: "trellixpsirt@trellix.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "trellixpsirt@trellix.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-09-17 14:15
Modified
2024-11-21 06:06
Severity ?
5.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
XML Entity Expansion injection vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2021 Update allows a local user to initiate high CPU and memory consumption resulting in a Denial of Service attack through carefully editing the EPDeploy.xml file and then executing the setup process.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | endpoint_security | * | |
| mcafee | endpoint_security | 10.7.0 | |
| mcafee | endpoint_security | 10.7.0 | |
| mcafee | endpoint_security | 10.7.0 | |
| mcafee | endpoint_security | 10.7.0 | |
| mcafee | endpoint_security | 10.7.0 | |
| mcafee | endpoint_security | 10.7.0 | |
| mcafee | endpoint_security | 10.7.0 | |
| mcafee | endpoint_security | 10.7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:windows:*:*", matchCriteriaId: "CA4CEE25-A297-4D69-8CF8-5425875B206A", versionEndExcluding: "10.7.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.7.0:april_2020:*:*:*:windows:*:*", matchCriteriaId: "A1D86327-CEF4-4906-AE46-29CB79773529", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.7.0:april_2021:*:*:*:windows:*:*", matchCriteriaId: "775B5D3E-B29C-41DD-BD36-5E0D226572A2", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.7.0:february_2020:*:*:*:windows:*:*", matchCriteriaId: "6243F2C9-35EA-46A9-B48E-F2EB23D9376F", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.7.0:february_2021:*:*:*:windows:*:*", matchCriteriaId: "E11E0370-8170-4AEA-9DE0-B27D5E5F56AF", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.7.0:july_2020:*:*:*:windows:*:*", matchCriteriaId: "2BA52931-828B-4FC9-BB2F-B40180379342", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.7.0:june_2021:*:*:*:windows:*:*", matchCriteriaId: "58FF0D83-3119-4EA4-9BDB-F744AE12E7EB", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.7.0:november_2020:*:*:*:windows:*:*", matchCriteriaId: "B8F298BE-99AF-4C66-B852-A4EF7734E76F", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.7.0:september_2020:*:*:*:windows:*:*", matchCriteriaId: "6FE691D2-B7ED-48D9-8AE2-9711B35D2D35", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "XML Entity Expansion injection vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2021 Update allows a local user to initiate high CPU and memory consumption resulting in a Denial of Service attack through carefully editing the EPDeploy.xml file and then executing the setup process.", }, { lang: "es", value: "Una vulnerabilidad de tipo XML Entity Expansion injection en McAfee Endpoint Security (ENS) para Windows versiones anteriores a la actualización 10.7.0 de septiembre de 2021, permite a un usuario local iniciar un elevado consumo de CPU y memoria resultando en un ataque de denegación de servicio mediante la edición cuidadosa del archivo EPDeploy.xml y la posterior ejecución del proceso de instalación", }, ], id: "CVE-2021-31842", lastModified: "2024-11-21T06:06:20.300", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.3, impactScore: 3.6, source: "trellixpsirt@trellix.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-09-17T14:15:08.097", references: [ { source: "trellixpsirt@trellix.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10367", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10367", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-776", }, ], source: "trellixpsirt@trellix.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-776", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-03-14 22:59
Modified
2024-11-21 02:58
Severity ?
Summary
Application protections bypass vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and earlier and Endpoint Security (ENS) 10.2 and earlier allows local users to bypass local security protection via a command-line utility.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secure@intel.com | http://www.securityfocus.com/bid/94661 | Third Party Advisory, VDB Entry | |
| secure@intel.com | https://kc.mcafee.com/corporate/index?page=content&id=SB10179 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/94661 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kc.mcafee.com/corporate/index?page=content&id=SB10179 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | application_control | * | |
| mcafee | endpoint_security | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:application_control:*:*:*:*:*:*:*:*", matchCriteriaId: "FFCBBB86-C8B6-46D2-BB81-001C46124C56", versionEndIncluding: "7.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:*:*:*", matchCriteriaId: "87C42753-8FCF-40C9-B429-3D4A3A2EB6C5", versionEndIncluding: "10.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Application protections bypass vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and earlier and Endpoint Security (ENS) 10.2 and earlier allows local users to bypass local security protection via a command-line utility.", }, { lang: "es", value: "Vulnerabilidad de elusión de protecciones de aplicaciones en Intel Security McAfee Application Control (MAC) 7.0 y versiones anteriores y Endpoint Security (ENS) 10.2 y versiones anteriores permite a usuarios locales eludir la protección de seguridad local a través de una utilidad de comando de línea.", }, ], id: "CVE-2016-8010", lastModified: "2024-11-21T02:58:53.733", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-03-14T22:59:00.743", references: [ { source: "secure@intel.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/94661", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10179", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/94661", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10179", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-04-15 13:15
Modified
2024-11-21 05:36
Severity ?
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Symbolic link manipulation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows authenticated local user to potentially gain an escalation of privileges by pointing the link to files which the user which not normally have permission to alter via carefully creating symbolic links from the ENS log file directory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | endpoint_security | 10.5.0 | |
| mcafee | endpoint_security | 10.5.1 | |
| mcafee | endpoint_security | 10.5.2 | |
| mcafee | endpoint_security | 10.5.3 | |
| mcafee | endpoint_security | 10.5.4 | |
| mcafee | endpoint_security | 10.5.5 | |
| mcafee | endpoint_security | 10.6.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.0:*:*:*:*:windows:*:*", matchCriteriaId: "6AC514CA-D094-433D-9561-99048D43902F", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.1:*:*:*:*:windows:*:*", matchCriteriaId: "1B7AE3E9-DDCE-4119-B57D-B3D471E05B16", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.2:*:*:*:*:windows:*:*", matchCriteriaId: "603FE358-FADA-4FE6-B3F2-169D032A57E9", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.3:*:*:*:*:windows:*:*", matchCriteriaId: "66461D42-AE21-41B3-9FCB-3F6D09AC323E", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.4:*:*:*:*:windows:*:*", matchCriteriaId: "DCC441CF-5EA0-41C1-AE15-6672FF20B73A", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.5:*:*:*:*:windows:*:*", matchCriteriaId: "A6551AB4-1B0F-4EE3-8ED1-99413E3F19DD", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.6.0:*:*:*:*:windows:*:*", matchCriteriaId: "94732038-F35D-41AB-A550-E6F5FF9004DF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Symbolic link manipulation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows authenticated local user to potentially gain an escalation of privileges by pointing the link to files which the user which not normally have permission to alter via carefully creating symbolic links from the ENS log file directory.", }, { lang: "es", value: "Una vulnerabilidad de manipulación en enlaces simbólicos en McAfee Endpoint Security (ENS) para Windows versiones anteriores a 10.7.0 Update de Abril de 2020, permite a un usuario local autenticado conseguir una escalada de privilegios al señalar el enlace a archivos que el usuario normalmente no tiene permiso para modificar por medio de enlaces simbólicos cuidadosamente creados desde el directorio del archivo de registro de ENS.", }, ], id: "CVE-2020-7250", lastModified: "2024-11-21T05:36:55.620", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.5, impactScore: 6, source: "trellixpsirt@trellix.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-15T13:15:13.080", references: [ { source: "trellixpsirt@trellix.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-59", }, ], source: "trellixpsirt@trellix.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-59", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-09-09 10:15
Modified
2024-11-21 05:37
Severity ?
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local users to access files which the user otherwise would not have access to via manipulating symbolic links to redirect McAfee file operations to an unintended file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | endpoint_security | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:windows:*:*", matchCriteriaId: "CA4CEE25-A297-4D69-8CF8-5425875B206A", versionEndExcluding: "10.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local users to access files which the user otherwise would not have access to via manipulating symbolic links to redirect McAfee file operations to an unintended file.", }, { lang: "es", value: "Una vulnerabilidad de Control de Acceso Inapropiado en McAfee Endpoint Security (ENS) para Windows versiones anteriores a 10.7.0 Actualización de Septiembre de 2020, permite a usuarios locales acceder a archivos a los que, de otro modo, el usuario no tendría acceso mediante la manipulación de enlaces simbólicos para redireccionar las operaciones de archivos de McAfee a un archivo no deseado.", }, ], id: "CVE-2020-7319", lastModified: "2024-11-21T05:37:03.330", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2, impactScore: 6, source: "trellixpsirt@trellix.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-09-09T10:15:11.320", references: [ { source: "trellixpsirt@trellix.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10327", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10327", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-59", }, ], source: "trellixpsirt@trellix.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-59", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-11-12 10:15
Modified
2024-11-21 05:37
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Unquoted service executable path in McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows local users to cause a denial of service and malicious file execution via carefully crafted and named executable files.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | endpoint_security | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:windows:*:*", matchCriteriaId: "277DF1D5-0C18-4549-875C-84828ABE7B20", versionEndExcluding: "10.6.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Unquoted service executable path in McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows local users to cause a denial of service and malicious file execution via carefully crafted and named executable files.", }, { lang: "es", value: "Una ruta ejecutable de servicio sin comillas en McAfee Endpoint Security (ENS) versiones anteriores a 10.7.0, actualización de Noviembre de 2020, permite a usuarios locales causar una denegación de servicio y la ejecución de archivos maliciosos por medio de archivos ejecutables cuidadosamente diseñados y nombrados", }, ], id: "CVE-2020-7331", lastModified: "2024-11-21T05:37:04.630", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "trellixpsirt@trellix.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-11-12T10:15:13.513", references: [ { source: "trellixpsirt@trellix.com", tags: [ "Broken Link", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10335", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10335", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-428", }, ], source: "trellixpsirt@trellix.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-428", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-04-15 12:15
Modified
2024-11-21 05:36
Severity ?
4.8 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
5.3 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
5.3 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Summary
Accessing, modifying or executing executable files vulnerability in the uninstaller in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to execute arbitrary code via a carefully crafted input file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | endpoint_security | 10.5.0 | |
| mcafee | endpoint_security | 10.5.1 | |
| mcafee | endpoint_security | 10.5.2 | |
| mcafee | endpoint_security | 10.5.3 | |
| mcafee | endpoint_security | 10.5.4 | |
| mcafee | endpoint_security | 10.5.5 | |
| mcafee | endpoint_security | 10.6.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.0:*:*:*:*:windows:*:*", matchCriteriaId: "6AC514CA-D094-433D-9561-99048D43902F", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.1:*:*:*:*:windows:*:*", matchCriteriaId: "1B7AE3E9-DDCE-4119-B57D-B3D471E05B16", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.2:*:*:*:*:windows:*:*", matchCriteriaId: "603FE358-FADA-4FE6-B3F2-169D032A57E9", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.3:*:*:*:*:windows:*:*", matchCriteriaId: "66461D42-AE21-41B3-9FCB-3F6D09AC323E", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.4:*:*:*:*:windows:*:*", matchCriteriaId: "DCC441CF-5EA0-41C1-AE15-6672FF20B73A", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.5:*:*:*:*:windows:*:*", matchCriteriaId: "A6551AB4-1B0F-4EE3-8ED1-99413E3F19DD", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.6.0:*:*:*:*:windows:*:*", matchCriteriaId: "94732038-F35D-41AB-A550-E6F5FF9004DF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Accessing, modifying or executing executable files vulnerability in the uninstaller in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to execute arbitrary code via a carefully crafted input file.", }, { lang: "es", value: "Una vulnerabilidad de acceso, modificación o ejecución de archivos ejecutables en el desinstalador en McAfee Endpoint Security (ENS) para Windows versiones anteriores a 10.7.0 Update de Abril de 2020, permite a usuarios locales ejecutar código arbitrario por medio de un archivo de entrada cuidadosamente diseñado.", }, ], id: "CVE-2020-7275", lastModified: "2024-11-21T05:36:58.270", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 1.3, impactScore: 3.4, source: "trellixpsirt@trellix.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-15T12:15:12.293", references: [ { source: "trellixpsirt@trellix.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-428", }, ], source: "trellixpsirt@trellix.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-428", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-04-15 10:15
Modified
2024-11-21 05:36
Severity ?
7.4 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Summary
Exploiting incorrectly configured access control security levels vulnerability in ENS Firewall in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 April 2020 and 10.6.1 April 2020 updates allows remote attackers and local users to allow or block unauthorized traffic via pre-existing rules not being handled correctly when updating to the February 2020 updates.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | endpoint_security | 10.5.0 | |
| mcafee | endpoint_security | 10.5.1 | |
| mcafee | endpoint_security | 10.5.2 | |
| mcafee | endpoint_security | 10.5.3 | |
| mcafee | endpoint_security | 10.5.4 | |
| mcafee | endpoint_security | 10.5.5 | |
| mcafee | endpoint_security | 10.6.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.0:*:*:*:*:windows:*:*", matchCriteriaId: "6AC514CA-D094-433D-9561-99048D43902F", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.1:*:*:*:*:windows:*:*", matchCriteriaId: "1B7AE3E9-DDCE-4119-B57D-B3D471E05B16", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.2:*:*:*:*:windows:*:*", matchCriteriaId: "603FE358-FADA-4FE6-B3F2-169D032A57E9", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.3:*:*:*:*:windows:*:*", matchCriteriaId: "66461D42-AE21-41B3-9FCB-3F6D09AC323E", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.4:*:*:*:*:windows:*:*", matchCriteriaId: "DCC441CF-5EA0-41C1-AE15-6672FF20B73A", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.5:*:*:*:*:windows:*:*", matchCriteriaId: "A6551AB4-1B0F-4EE3-8ED1-99413E3F19DD", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.6.0:*:*:*:*:windows:*:*", matchCriteriaId: "94732038-F35D-41AB-A550-E6F5FF9004DF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Exploiting incorrectly configured access control security levels vulnerability in ENS Firewall in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 April 2020 and 10.6.1 April 2020 updates allows remote attackers and local users to allow or block unauthorized traffic via pre-existing rules not being handled correctly when updating to the February 2020 updates.", }, { lang: "es", value: "Una vulnerabilidad de explotación de los niveles de seguridad de control de acceso configurados incorrectamente en ENS Firewall en McAfee Endpoint Security (ENS) para Windows versiones anteriores 10.7.0 Update de Abril de 2020 y versiones anteriores a 10.6.1, Update de Abril de 2020, permite a atacantes remotos y usuarios locales habilitar o bloquear el tráfico no autorizado por medio de reglas preexistentes que no han sido manejadas correctamente en la actualización de febrero de 2020.", }, ], id: "CVE-2020-7278", lastModified: "2024-11-21T05:36:58.597", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 3.7, source: "trellixpsirt@trellix.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-15T10:15:13.857", references: [ { source: "trellixpsirt@trellix.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "trellixpsirt@trellix.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-862", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-04-08 15:59
Modified
2025-04-12 10:46
Severity ?
Summary
The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Device Control (MDC) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Endpoint Security (ENS) 10.x before 10.1, Host Intrusion Prevention Service (IPS) 8.0 before 8.0.0.3624, and VirusScan Enterprise (VSE) 8.8 before P7 (8.8.0.1528) on Windows allows local administrators to bypass intended self-protection rules and disable the antivirus engine by modifying registry keys.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | active_response | * | |
| mcafee | agent | * | |
| mcafee | data_exchange_layer | * | |
| mcafee | data_loss_prevention_endpoint | * | |
| mcafee | data_loss_prevention_endpoint | * | |
| mcafee | endpoint_security | * | |
| mcafee | host_intrusion_prevention | * | |
| mcafee | virusscan_enterprise | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:active_response:*:*:*:*:*:*:*:*", matchCriteriaId: "543B3BBE-A5D5-4EC9-BBDE-646EC654CB43", versionEndIncluding: "1.1.0.158", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:agent:*:*:*:*:*:*:*:*", matchCriteriaId: "988ACD16-D8B6-4934-9653-4E10857BFA83", versionEndIncluding: "5.0.2.285", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:data_exchange_layer:*:*:*:*:*:*:*:*", matchCriteriaId: "2CBBB9A7-B7D6-4A59-85CA-A4C840BB9B24", versionEndIncluding: "2.0.0.430.1", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:data_loss_prevention_endpoint:*:p5:*:*:*:*:*:*", matchCriteriaId: "BC49C347-3C2B-4A2B-BA39-22E70ED3F835", versionEndIncluding: "9.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:data_loss_prevention_endpoint:*:p1_hf2:*:*:*:*:*:*", matchCriteriaId: "68E9052A-ACB0-4791-AFEB-98DBBF537A5B", versionEndIncluding: "9.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:*:*:*", matchCriteriaId: "997552D0-C322-4E13-8944-C6E56428EE33", versionEndIncluding: "10.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:host_intrusion_prevention:*:p6:*:*:*:*:*:*", matchCriteriaId: "EED9A958-538B-4B25-9696-6850508D8D54", versionEndIncluding: "8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:virusscan_enterprise:*:p6:*:*:*:*:*:*", matchCriteriaId: "EDF04428-E664-4922-B950-DB61BE5AD13F", versionEndIncluding: "8.8.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Device Control (MDC) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Endpoint Security (ENS) 10.x before 10.1, Host Intrusion Prevention Service (IPS) 8.0 before 8.0.0.3624, and VirusScan Enterprise (VSE) 8.8 before P7 (8.8.0.1528) on Windows allows local administrators to bypass intended self-protection rules and disable the antivirus engine by modifying registry keys.", }, { lang: "es", value: "El McAfee VirusScan Console (mcconsol.exe) en McAfee Active Response (MAR) en versiones anteriores a 1.1.0.161, Agent (MA) 5.x en versiones anteriores a 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) en versiones anteriores a 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 en versiones anteriores a Patch 6 y 9.4 en versiones anteriores a Patch 1 HF3, Device Control (MDC) 9.3 en versiones anteriores a Patch 6 y 9.4 en versiones anteriores a Patch 1 HF3, Endpoint Security (ENS) 10.x en versiones anteriores a 10.1, Host Intrusion Prevention Service (IPS) 8.0 en versiones anteriores a 8.0.0.3624 y VirusScan Enterprise (VSE) 8.8 en versiones anteriores a P7 (8.8.0.1528) en Windows permite a administradores locales eludir las reglas destinadas a la autoprotección y desactivar el motor del antivirus modificando claves de registro.", }, ], id: "CVE-2016-3984", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 3.6, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:N/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, exploitabilityScore: 0.8, impactScore: 4.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-04-08T15:59:10.107", references: [ { source: "cve@mitre.org", tags: [ "Exploit", ], url: "http://lab.mediaservice.net/advisory/2016-01-mcafee.txt", }, { source: "cve@mitre.org", url: "http://seclists.org/fulldisclosure/2016/Mar/13", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id/1035130", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10151", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "https://www.exploit-db.com/exploits/39531/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://lab.mediaservice.net/advisory/2016-01-mcafee.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://seclists.org/fulldisclosure/2016/Mar/13", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1035130", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10151", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "https://www.exploit-db.com/exploits/39531/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-04-15 08:15
Modified
2024-11-21 05:37
Severity ?
4.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Summary
Cleartext Transmission of Sensitive Information between McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update and McAfee Global Threat Intelligence (GTI) servers using DNS allows a remote attacker to view the requests from ENS and responses from GTI over DNS. By gaining control of an intermediate DNS server or altering the network DNS configuration, it is possible for an attacker to intercept requests and send their own responses.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| trellixpsirt@trellix.com | https://kc.mcafee.com/corporate/index?page=content&id=SB10354 | Broken Link, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kc.mcafee.com/corporate/index?page=content&id=SB10354 | Broken Link, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | endpoint_security | * | |
| mcafee | endpoint_security | 10.6.1 | |
| mcafee | endpoint_security | 10.6.1 | |
| mcafee | endpoint_security | 10.6.1 | |
| mcafee | endpoint_security | 10.6.1 | |
| mcafee | endpoint_security | 10.6.1 | |
| mcafee | endpoint_security | 10.6.1 | |
| mcafee | endpoint_security | 10.6.1 | |
| mcafee | endpoint_security | 10.6.1 | |
| mcafee | endpoint_security | 10.6.1 | |
| mcafee | endpoint_security | 10.6.1 | |
| mcafee | endpoint_security | 10.6.1 | |
| mcafee | endpoint_security | 10.6.1 | |
| mcafee | endpoint_security | 10.6.1 | |
| mcafee | endpoint_security | 10.7.0 | |
| mcafee | endpoint_security | 10.7.0 | |
| mcafee | endpoint_security | 10.7.0 | |
| mcafee | endpoint_security | 10.7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:windows:*:*", matchCriteriaId: "B8F02C7C-E84A-46B6-9D53-B0F80D74F034", versionEndIncluding: "10.6.1", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.6.1:-:*:*:*:windows:*:*", matchCriteriaId: "527D7169-2335-4E37-8EE4-9CEFEDAA3E93", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.6.1:april_2020:*:*:*:windows:*:*", matchCriteriaId: "A40EFFF8-705D-477F-93F9-CF26F2E3E3FB", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.6.1:december_2018:*:*:*:windows:*:*", matchCriteriaId: "5C5EAC95-E27A-41C2-94F0-ADCF34FE9320", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.6.1:december_2019:*:*:*:windows:*:*", matchCriteriaId: "2DB79D5F-58F0-45B7-93AA-6A5CCF335AC8", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.6.1:february_2019:*:*:*:windows:*:*", matchCriteriaId: "17BC708D-032D-4F96-87CD-D47BA981CA61", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.6.1:february_2020:*:*:*:windows:*:*", matchCriteriaId: "EEA60857-F422-4BC3-BD49-ADE727E8F78B", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.6.1:july_2019:*:*:*:windows:*:*", matchCriteriaId: "ABCE9337-5E00-4C9D-8696-608668251D21", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.6.1:july_2020:*:*:*:windows:*:*", matchCriteriaId: "13C85BA8-3C41-4B10-936E-BC87F4BBDA44", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.6.1:may_2019:*:*:*:windows:*:*", matchCriteriaId: "11F38723-5F2A-41DD-9CF0-028DA001CDCC", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.6.1:november_2018:*:*:*:windows:*:*", matchCriteriaId: "E1BE4C78-DD0D-46B9-9962-6ACDE8EEF629", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.6.1:november_2020:*:*:*:windows:*:*", matchCriteriaId: "A013FD56-6E6B-4D76-B279-C68C24AFD35A", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.6.1:october_2019:*:*:*:windows:*:*", matchCriteriaId: "154181E9-8BF3-4D3F-A683-25BFE85A9FC0", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.6.1:september_2020:*:*:*:windows:*:*", matchCriteriaId: "3679E9ED-E28D-486C-A8A3-C948DABE1F4E", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.7.0:february_2020:*:*:*:windows:*:*", matchCriteriaId: "6243F2C9-35EA-46A9-B48E-F2EB23D9376F", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.7.0:july_2020:*:*:*:windows:*:*", matchCriteriaId: "2BA52931-828B-4FC9-BB2F-B40180379342", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.7.0:november_2020:*:*:*:windows:*:*", matchCriteriaId: "B8F298BE-99AF-4C66-B852-A4EF7734E76F", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.7.0:september_2020:*:*:*:windows:*:*", matchCriteriaId: "6FE691D2-B7ED-48D9-8AE2-9711B35D2D35", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Cleartext Transmission of Sensitive Information between McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update and McAfee Global Threat Intelligence (GTI) servers using DNS allows a remote attacker to view the requests from ENS and responses from GTI over DNS. By gaining control of an intermediate DNS server or altering the network DNS configuration, it is possible for an attacker to intercept requests and send their own responses.", }, { lang: "es", value: "Una transmisión de Texto Sin Cifrar de Información Confidencial entre McAfee Endpoint Security (ENS) para Windows anterior a versión 10.7.0 Update de Febrero de 2021 y los servidores de McAfee Global Threat Intelligence (GTI) que usan DNS permite a un atacante remoto visualizar unas peticiones de ENS y unas respuestas de GTI por medio de DNS. Al conseguir el control de un servidor DNS intermedio o alterar la configuración del DNS de la red, es posible a un atacante interceptar peticiones y enviar sus propias respuestas", }, ], id: "CVE-2020-7308", lastModified: "2024-11-21T05:37:02.140", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 6.4, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 2.5, source: "trellixpsirt@trellix.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 2.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-04-15T08:15:14.370", references: [ { source: "trellixpsirt@trellix.com", tags: [ "Broken Link", "Vendor Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10354", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Vendor Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10354", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-319", }, ], source: "trellixpsirt@trellix.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-319", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-10-09 16:15
Modified
2024-11-21 04:42
Severity ?
5.0 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
5.3 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
5.3 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Summary
Code Injection vulnerability in EPSetup.exe in McAfee Endpoint Security (ENS) Prior to 10.6.1 October 2019 Update allows local user to get their malicious code installed by the ENS installer via code injection into EPSetup.exe by an attacker with access to the installer.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | endpoint_security | * | |
| mcafee | endpoint_security | * | |
| mcafee | endpoint_security | 10.6.1 | |
| microsoft | windows | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:*:*:*", matchCriteriaId: "1674A876-8429-40B0-8D32-171C0089FFE2", versionEndIncluding: "10.5.5", versionStartIncluding: "10.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:*:*:*", matchCriteriaId: "53207FA9-42F0-439B-B2FF-C88075012D9E", versionEndExcluding: "10.6.1", versionStartIncluding: "10.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.6.1:-:*:*:*:*:*:*", matchCriteriaId: "CE3195B9-F691-428E-B1E5-C960483F979F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Code Injection vulnerability in EPSetup.exe in McAfee Endpoint Security (ENS) Prior to 10.6.1 October 2019 Update allows local user to get their malicious code installed by the ENS installer via code injection into EPSetup.exe by an attacker with access to the installer.", }, { lang: "es", value: "Una vulnerabilidad de inyección de código en el archivo EPSetup.exe en McAfee Endpoint Security (ENS) versiones anteriores a 10.6.1 Update de octubre 2019, permite al usuario local obtener su código malicioso instalado mediante el instalador de ENS a través de la inyección de código en el archivo EPSetup.exe por parte de un atacante con acceso al instalador.", }, ], id: "CVE-2019-3652", lastModified: "2024-11-21T04:42:17.987", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 0.8, impactScore: 3.7, source: "trellixpsirt@trellix.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-10-09T16:15:16.000", references: [ { source: "trellixpsirt@trellix.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10299", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10299", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-94", }, ], source: "trellixpsirt@trellix.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-94", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-04-15 12:15
Modified
2024-11-21 05:36
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Summary
Accessing functionality not properly constrained by ACLs vulnerability in the autorun start-up protection in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to delete or rename programs in the autorun key via manipulation of some parameters.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | endpoint_security | 10.5.0 | |
| mcafee | endpoint_security | 10.5.1 | |
| mcafee | endpoint_security | 10.5.2 | |
| mcafee | endpoint_security | 10.5.3 | |
| mcafee | endpoint_security | 10.5.4 | |
| mcafee | endpoint_security | 10.5.5 | |
| mcafee | endpoint_security | 10.6.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.0:*:*:*:*:windows:*:*", matchCriteriaId: "6AC514CA-D094-433D-9561-99048D43902F", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.1:*:*:*:*:windows:*:*", matchCriteriaId: "1B7AE3E9-DDCE-4119-B57D-B3D471E05B16", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.2:*:*:*:*:windows:*:*", matchCriteriaId: "603FE358-FADA-4FE6-B3F2-169D032A57E9", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.3:*:*:*:*:windows:*:*", matchCriteriaId: "66461D42-AE21-41B3-9FCB-3F6D09AC323E", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.4:*:*:*:*:windows:*:*", matchCriteriaId: "DCC441CF-5EA0-41C1-AE15-6672FF20B73A", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.5.5:*:*:*:*:windows:*:*", matchCriteriaId: "A6551AB4-1B0F-4EE3-8ED1-99413E3F19DD", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:endpoint_security:10.6.0:*:*:*:*:windows:*:*", matchCriteriaId: "94732038-F35D-41AB-A550-E6F5FF9004DF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Accessing functionality not properly constrained by ACLs vulnerability in the autorun start-up protection in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to delete or rename programs in the autorun key via manipulation of some parameters.", }, { lang: "es", value: "La funcionalidad de acceso no restringe apropiadamente por una vulnerabilidad de las ACL en la protección de inicio de ejecución automática en McAfee Endpoint Security (ENS) para Windows versiones anteriores a 10.7.0 Update de Abril de 2020, permite a usuarios locales eliminar o cambiar el nombre de los programas en la clave de ejecución automática por medio de la manipulación de algunos parámetros.", }, ], id: "CVE-2020-7273", lastModified: "2024-11-21T05:36:58.037", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:H", version: "3.1", }, exploitabilityScore: 1.5, impactScore: 4.7, source: "trellixpsirt@trellix.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-15T12:15:12.153", references: [ { source: "trellixpsirt@trellix.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10309", }, ], sourceIdentifier: "trellixpsirt@trellix.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-269", }, ], source: "trellixpsirt@trellix.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-269", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }